Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo https://www.hegelmann.com

Group: Lynx

Discovered by ransomware.live: 2026-03-01

Estimated attack date: 2026-03-01

Country: DE

Description:

Hegelmann Group is a family-run logistics company headquartered in Bruchsal, Germany, offering a diverse range of services including road transportation, intermodal solutions, air freight, and maritime transportation. The company has expanded globally to provide tailored logistics and warehousing solutions across various sectors and industries. With a commitment to sustainability, Hegelmann Group continually invests in innovation and multimodal services to meet customer demands. Their fleet includes state-of-the-art trucks and trailers designed for efficient transport of various cargo types


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@godaddy.com
MX Records
  • hegelmann-com.mail.protection.outlook.com.
TXT Records
  • dbnn97bt62uopduegjgfaa4qrq
  • google-site-verification=ZPz4fm4IsUXgaVmNSuSWHq5MZohZFxOhIPjzg58OLRA
  • zoho-verification=zb91834126.zmverify.zoho.com
  • google-site-verification=rnt1ZN5Tn9jdcujvhc4jpxh1GQKWgvrrId8WY5MPuJk
  • MS=ms27910637
  • google-site-verification=NQ2nqtM7ZEKFusHJfYEuOFdClJJVG9ION782D2IDjhs
  • cisco-ci-domain-verification=6669de994ea4a90ae6e22fc52ab4dfb7b1af6b9227b57a463c889c545dd4fef0
  • v=spf1 mx a:mxs1.hegelmann.com a:mxs2.hegelmann.com include:spf.protection.outlook.com include:spf.emailsignatures365.com -all
  • ciscocidomainverification=79bbaf75255fe384cbbb5b6ad1fe6f81212c7a27367fe24b3862797382b30f68
  • have-i-been-pwned-verification=dweb_djfaainf9ifnxt45t552yzdg
Cloud / SaaS Services Detected
Microsoft 365 Zoho Campaigns Cisco Have I Been Pwned

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.