kumhotire.com

Group: lockbit3

Discovered by ransomware.live: 2024-09-26

Estimated attack date: 2024-08-25

Country: KR

Description:

Kumho Tire (formerly known as Samyang Tire) is a South Korean tire manufacturer. Kumho Tire was previously operated as a business unit of the Kumho Asiana Group. Since 2018, it has been a subsidiary of the Chinese tire conglomerate Doublestar. Encrypted up...


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 30

Third Party Employee Credentials: 22


External Attack Surface: 28



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse gabia.com
MX Records
  • sniper.kumhotire.com.
TXT Records
  • v=spf1 ip4:165.141.0.0/16 ip4:13.124.111.122 ip4:165.141.6.140 ip4:165.141.6.141 ip4:165.141.6.142 include:spf.protection.outlook.com include:spf.maily.so ~all
  • cisco-ci-domain-verification=152ff5fec748923c5622275d354eedc339f6de190d38e2eb3f41b6ed729f5e91
  • GIgMUUn7bgsI5tehnQMSwa5yyz2c95rgmL2ERcUOH7v07ICslVVqSmRYgwMCZzSuzplL4toFx+pp3i6jlvbeeA==
  • MS=F4AFAC9ACC6F1BDEE5DA83F4A90C8FA83B4B1140
  • google-site-verification=5fB0r6znLZrpaOg6oGWAGIA-xPDzjjPceNCD3FpTA1U
Cloud / SaaS Services Detected
Cisco
