Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo moh.gov.rw

Group: babuk2

Discovered by ransomware.live: 2025-03-31

Estimated attack date: 2025-03-31

Country: RW

Description:

moh.gov.rw

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 563

Third Party Employee Credentials: 1

External Attack Surface: 98

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • gateway.aos.rw.
TXT Records
  • _f88jcb8o3bksn8z22q3abz859jrhuxh
  • _zlfnzueix9zkp9w9o5jcx86qwybmh07
  • v=spf1 ip4:197.243.16.0/20 ip4:197.243.60.139 ip4:197.243.22.109 -all
  • 7ybt0f3h527w211bvdtx93x5jpvq66lg
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot