Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo kingdom

Group: funksec

Discovered by ransomware.live: 2024-12-04

Estimated attack date: 2024-12-04

Country: US

Description:

The website kingdom.com is an online platform that caters to the needs of churches, ministries, and religious organizations by providing a wide range of supplies and equipment.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 35

Third Party Employee Credentials: 13

External Attack Surface: 19


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse moniker.com
  • abusereport moniker.com
  • domreg kingdominc.com
  • info domain-contact.org
MX Records
  • aspmx2.googlemail.com.
  • alt4.aspmx.l.google.com.
  • alt3.aspmx.l.google.com.
  • aspmx3.googlemail.com.
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • aspmx.l.google.com.
TXT Records
  • amazonses:aBYKnVvzSBBsQR59a6eU+q0S5FGy90gGF6/cUTIa6SE=
  • google-site-verification=fhniAcnxf4HzbwYh4SFf6cn7_w2tp61rGw0D2ueTXQU
  • v=spf1 include:_spf.google.com include:spf.constantcontact.com include:_spf.mlsend.com include:amazonses.com include:spf.mandrillapp.com ~all
Cloud / SaaS Services Detected
Amazon SES/WorkMail Mandrill

Leak Screenshot:

Leak Screenshot