iaai.com - Washington DC DMV

Group: babuk2

Discovered by ransomware.live: 2025-03-14

Estimated attack date: 2025-03-14

Country: US

Description:

iaai.com - Washington DC DMV


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 4

Compromised Users: 12892

Third Party Employee Credentials: 18


External Attack Surface: 105


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse@cscglobal.com
MX Records
  • mxa-004be501.gslb.pphosted.com.
  • mxb-004be501.gslb.pphosted.com.
Cloud / SaaS Services Detected
  • Apple
  • Microsoft 365
  • Cisco
  • OneTrust
  • Proofpoint
