Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo lankacom.net

Group: darkvault

Discovered by ransomware.live: 2024-04-11

Estimated attack date: 2024-03-14

Country: LK

Description:

LankaCom is a Sri Lanka–based telecommunications company. Founded in 1991, it is a subsidiary of Singtel and was the first company granted a Communication Operator License in the country.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 7

Compromised Users: 970

Third Party Employee Credentials: 14

External Attack Surface: 105


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • ALT2.ASPMX.L.GOOGLE.COM.
  • ALT1.ASPMX.L.GOOGLE.COM.
  • ALT3.ASPMX.L.GOOGLE.COM.
  • ASPMX.L.GOOGLE.COM.
  • ALT4.ASPMX.L.GOOGLE.COM.
TXT Records
  • 3ep6h30kbf815vsckhe0gg0stm
  • PurpleRidge-o1u5-4xWd-thPX-lcCY-aLPD
  • v=spf1 ip4:203.143.0.0/24 ip4:203.143.21.0/24 ip4:203.143.36.6/32 ip4:203.143.21.12/32 ip4:203.143.20.0/24 ip4:203.143.29.0/27 ip4:203.143.14.0/24 ip4:116.12.78.19/32 ip4:103.1.179.0/24 a mx include:spf.protection.outlook.com include:_spf.google.com -all
  • MS=ms12334548
  • google-site-verification=VA4wtgs4CzWfpnKmWKJnaPjVY4mNAY6QSRdQhpj8FMk
  • nrsl1punme8s890e0msi45cd16
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot