Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo iddink.nl

Group: cactus

Discovered by ransomware.live: 2024-04-27

Estimated attack date: 2024-04-11

Country: NL

Description:

Download link #1: https://***************.onion/IDDINKNL/PROOFMirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/IDDINKNL/PROOFDATA DESCRIPTIONS: Personal identifying information, financial documents, customer data, database exports, various confidential documents, corporate correspondence, employees personal documents, private software sources, etc. 

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1470

Third Party Employee Credentials: 2

External Attack Surface: 100


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • iddink-nl.mail.protection.outlook.com.
TXT Records
  • google-site-verification=1gyYZcGL--PxFyP7EUdUyZgu5pqKG4sQnnKx6YP_WJQ
  • MS=ms50537753
  • _69uj0uwblua1evczocvcm8nmdz2k7t8
  • v=spf1 include:sendgrid.net ip4:213.136.9.128/28 include:spf.flowmailer.net include:spf-breaks-email.bit.nl include:spf.protection.outlook.com include:145586464.spf07.hubspotemail.net ~all
Cloud / SaaS Services Detected
HubSpot Microsoft 365 SendGrid

Leak Screenshot:

Leak Screenshot