Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo kjtait.com

Group: cactus

Discovered by ransomware.live: 2024-09-25

Estimated attack date: 2024-09-12

Country: GB

Description:

<p>Membership Organizations<br><br>“KJ Tait Engineers provides professional consultancy for the design and management of engineering services for buildings and associated infrastructure throughout the UK. We are a professional practice of Mechanical and Electrical and Public Health (MEP) building services engineers with offices in Aberdeen, Cambridge, Edinburgh, Glasgow, and London.”<br><br>Website: <a href="https://kjtait.com/">https://kjtait.com/</a><br><br>Revenue : $18.8M<br><br>Address: 42 Union Ter, Aberdeen, Aberdeenshire, AB10 1NP, United Kingdom<br><br>Phone Number: +44 1224621794<br><br><mark class="marker-yellow"><strong>Download link #1:</strong></mark> &nbsp;<a href="https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/KJTAIT/PROOF/">https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/KJTAIT/PROOF/</a><br><br><mark class="marker-yellow"><strong>Mirror:</strong></mark> <a href="https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/KJTAIT/PROOF/">https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/KJTAIT/PROOF/</a><br><br><mark class="marker-yellow"><strong>DATA DESCRIPTIONS:</strong></mark> Personal Identifiable Information, database backups, corporate documents\contracts\projects\drawings, employees personal data, customer information, financial documents, corporate correspondence, etc.</p><p><img src="/uploads/Bob_Passport_91d43bfd17.png" alt="Bob Passport.png"><img src="/uploads/KJT_Abbott_Confidentiality_Statement_f7c6d55b0a.png" alt="KJT-Abbott Confidentiality Statement.png"><img src="/uploads/MT_734d847fa9.png" alt="MT.png"><img src="/uploads/23_05_22_A0423_KJT_ZZ_XX_RP_E_0001_Electrical_Services_ACC_comments_added_38fed08014.png" alt="23.05.22 A0423-KJT-ZZ-XX-RP-E-0001-Electrical Services ACC comments added.png"><img src="/uploads/RU_Drivers_Licence_acfe7f108d.png" alt="RU - Drivers Licence.png"></p>


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse tucows.com
MX Records
  • eu-smtp-inbound-1.mimecast.com.
  • eu-smtp-inbound-2.mimecast.com.
TXT Records
  • y5d1Iw37gxlYr/F+7WhMAOuYb2pMHrVoLCVWyvcWh3FAt7zdWoEioSudMudPR9u6v/+UvawcSCdU+Z80hzQOxQ==
  • iFMz1bngX89hYKdKfDePyXY2qT27H5ep/35kV5EWLEqb4gN22oeCcwoGMIEOVraHONPiWa8R/ofpqdy4GF8N2g==
  • 0ed1fe018ab4af83202e434c23a19105b5f12c2a84
  • MS=ms47862201
  • MS=FD94119225E030BA69BFA00DA0C8692BEB2FD7F1
  • v=spf1 mx include:eu._netblocks.mimecast.com -all
Cloud / SaaS Services Detected
Microsoft 365 Mimecast

Leak Screenshot:

Leak Screenshot