familyguardian.com

Group: cactus

Discovered by ransomware.live: 2024-05-31

Estimated attack date: 2024-05-22

Country: BS

Description:

Download link #1: https://***************.onion/FAMILYGUARDIAN/PROOF/

Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/FAMILYGUARDIAN/PROOF/

DATA DESCRIPTIONS: Hundreds of confidential client documents and personal identifying information (passports, utility bills, contracts), corporate correspondence, employee phones backups, executives personal data, database backups, etc.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 10

Third Party Employee Credentials: 0


External Attack Surface: 0



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • je-smtp-inbound-2.mimecast-offshore.com.
  • je-smtp-inbound-1.mimecast-offshore.com.
TXT Records
  • v=spf1 include:_netblocks.mimecast.com include:spf.protection.outlook.com ~all
  • MS=ms59060395
  • _53qqb4u6dw13laowc92nyz5fj536hji
  • google-site-verification=XmEl7TdwLyREs5PhGKEF9xzJtAmJNy5MalP_RLiskyc
  • 97mxf0g83n41g7j97wfzwqmh00gwcbsy
  • r9drx52clfsd63k0xzttl1r4rcz5qbn2
  • y0cjsxfn16bzgf5221t6t0qfyys0ffyt
Cloud / SaaS Services Detected
  • Microsoft 365
  • Mimecast
