Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo jmthompson.com

Group: cactus

Discovered by ransomware.live: 2024-06-10

Estimated attack date: 2024-05-25

Country: US

Description:

Download link #1:  https://***************.onion/JMT/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/JMT/PROOF/DATA DESCRIPTIONS: Personal identification documents, employee personal files, confidential corporate data, projects, drawings, financial documents, supplier\customer information,  corporate and personal correspondence, etc.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • d299017a.ess.barracudanetworks.com.
  • d299017b.ess.barracudanetworks.com.
TXT Records
  • v=spf1 mx include:spf.ess.barracudanetworks.com include:spf.mailanyone.net include:panteramail.net -all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot