Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo kosmas.cz

Group: lynx

Discovered by ransomware.live: 2025-05-28

Estimated attack date: 2025-05-04

Country: CZ

Description:

Online bookstore Kosmas.cz

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 520

Third Party Employee Credentials: 0

External Attack Surface: 57

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • kosmas-cz.mail.protection.outlook.com.
TXT Records
  • google-site-verification=aZ4jOFFajtZo7plK-XpawyEsO8Nz9q0bQCVQ9ecGVOE
  • google-site-verification=cd2NNO97-1gf30nTk8wAZcNJqWfXxBbp67JcpxfGbMA
  • v=spf1 mx ip4:20.229.94.220 ip4:178.238.43.37 include:emailmachine.cz include:_emailing.heureka.cz include:spf.protection.outlook.com -all
  • MS=ms62056171
  • 6gklu1nd21jej2gbumfcdap3ll
  • 9mggmo9ulrfaanrvj50u39evac
  • ou33spqk2nssm7h5sm22vrfi86
  • pmgo6ndjqpc9idbv1379s36s0c
  • tbj96564kv2cclb83g3bjh5ic9
  • MS=628186694380F30B23916831E9B68EE78CC98418
  • facebook-domain-verification=ve7kohkzjal3zo5jnmvuwi09bngkpr
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot