
oneill.com

Group: ransomhub

Discovered by ransomware.live: 2025-03-17

Estimated attack date: 2025-03-03

Country: US

Description:

[AI generated] Founded in 1952, O'Neill is a reputable global company operating in the surf, snow, and youth lifestyle markets. The company prides itself on producing high-quality and functional products including wetsuits, swimwear, surf accessories, and outdoor clothing for both men and women. With its headquarters in California, O'Neill continues its legacy as a pioneer in watersports gear.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 195

Third Party Employee Credentials: 0


External Attack Surface: 50


Infostealer Distribution


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse registrar.eu
MX Records
  • de-smtp-inbound-1.mimecast.com.
  • de-smtp-inbound-2.mimecast.com.
TXT Records
  • v=spf1 ip4:87.236.6.66 include:de._netblocks.mimecast.com include:spf.protection.outlook.com include:mail.zendesk.com include:shops.shopify.com include:sendgrid.net include:spf.mandrillapp.com ip4:213.136.9.80/28 ip4:213.136.9.88 ip4:84.241.173.135 ip4:84.241.182.106 ip4:81.171.23.176/28 ip4:147.160.167.0/26 ip4:52.49.201.246/32 ip4:52.49.235.189/32 ip4:23.21.109.197/32 ip4:23.21.109.212/32 ip4:85.17.7.224/27 ip4:81.171.23.176/28 -all
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Mailchimp
  • Microsoft 365
  • Shopify
  • Zendesk
  • Mandrill
  • SendGrid
  • Mimecast
