infoniqa.com
infoniqa.com
Group: warlock
Discovered by ransomware.live: 2025-08-18
Estimated attack date: 2025-08-18
Country:
Description:
165g data, including internal documents, financial documents, employee information, CRM database, HR database, SaaS database
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 2
Compromised Users: 9
Third Party Employee Credentials: 2
External Attack Surface: 7
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse key-systems.net
- abusereport key-systems.net
- info domain-contact.org
MX Records
- mx02.hornetsecurity.com.
- mx03.hornetsecurity.com.
- mx04.hornetsecurity.com.
- mx01.hornetsecurity.com.
TXT Records
- v=spf1 mx mx:grz.at ip4:193.104.82.0/24 ip4:80.243.162.17/32 ip4:80.243.162.18/32 ip4:89.110.140.125/32 include:customers.clickdimensions.com include:_spf.itandtel.at include:spf.protection.outlook.com include:mail.zendesk.com include:145117811.spf02.hubs" "potemail.net include:spf.hornetsecurity.com -all
- google-site-verification=UWQ-5dvUcrArC4CCEj8-ZpBcRSqerp0MiDit9aZjG14
- MS=ms69396539
- rl58fbmf7pe5pf8hilq32r3q82
- status-page-domain-verification=2bxr74dnxfpj
- google-site-verification=HD5orGO4F__dCWHTSswK493cz2DYh-vBZCWMnMmpC3k
- atlassian-domain-verification=6gMGTEc5QUa3rjYQpNNpR4jDpCMCqkh9EaQzzRBgqytrHy8FvtnyvqnEJhcZoeE4
- webexdomainverification.=c7f65124-57c5-4f38-b90e-c4a7a169ae45
- google-site-verification=jE1FG24KLpKF3aXSQMeoS6Kwy10YMRtJFO9HnVsG2Tc
- MS=ms49415944
- google-site-verification=_4EJJaRWNLGwqNXKN1vh0fhUgqWWlp-pK5sZ5VbW7BA
- notion-domain-verification=pmlzl2ymCnRk5UUVEGnofHoDLzd8MWh2tH6r9wihKub
- brevo-code:90cd8c7afca66019a8f0c42b5c279a89
- xjpynatKZvsi5U3SlInZb7pOq6mfnkdYWgJxAkBunpC8TYkh4pGCfzQVHzHllvor2edHvU6YJd0f12cyrAT+SA==
Cloud / SaaS Services Detected
Atlassian
Microsoft 365
Zendesk
Cisco Webex