Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo leonardo.com
Update Information

Date: 2025-02-13

Description: Leonardo specifies that the rumors according to which the hacker group ThreeAM violated the corporate IT systems of Leonardo Spa are completely unfounded.

Group: threeam

Discovered by ransomware.live: 2025-02-13

Estimated attack date: 2025-01-15

Country: IT

Description:

Leonardo is a global aerospace, defense, and security company providing helicopters, security electronics, aeronautics, and space defense systems. The company was founded in 1948 and is headquartered in Rome, Italy.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 39

Third Party Employee Credentials: 62

External Attack Surface: 20


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse tucows.com
MX Records
  • l00301c001956.leonardo.com.
  • l00301c001955.leonardo.com.
  • l03201c001971.leonardo.com.
  • l03201c001970.leonardo.com.
TXT Records
  • actalis-dcv=good3tvbq0qgnl9ca8avbjiss
  • v=spf1 include:leonardocompany.com -all
  • cisco-ci-domain-verification=302bec5e942177343f0255a168ac9073bfbfa975ac78182e9dd033eaa58ba41b
  • google-site-verification=U10BdlRnlAQTz49-e05BEYUGvSmuoZeFvYDyq3XJwr4
  • wiz-domain-verification=efabe11536846bdb4784c6584605568f40dbdb7a746f6cec523d3714973b2484
Cloud / SaaS Services Detected
Cisco

Leak Screenshot:

Leak Screenshot