malindoair.com
malindoair.com
Group: Apt73
Discovered by ransomware.live: 2025-01-20
Estimated attack date: 2025-01-20
Country:
Description:
Airlines, Airports & Air Services · Bangladesh | "Passenger Id", "Name", "Reservation", "Date Of...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 6
Compromised Users: 3086
Third Party Employee Credentials: 15
External Attack Surface: 103
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- alt2.aspmx.l.google.com.
- malindoair-com.mail.protection.outlook.com.
- aspmx.l.google.com.
- alt3.aspmx.l.google.com.
- alt4.aspmx.l.google.com.
- alt1.aspmx.l.google.com.
TXT Records
- ca3-5f3d246545f64376be27508536795c08
- ca3-758eda753f7245ffbc0edc2ff980bb99
- ca3-f56dba22d65d425bbbc3d8e6aa647835
- globalsign-domain-verification=243779dafe661c86b5aa9ab3e2a3fb85
- google-site-verification=49-ei6VjI022NefvbSBsXj7zz7NzDVrFVEAEZIdh45A
- google-site-verification=s8mbgK_ogGpO7o8Nia5ezWob8Jmlw92qyl9gcBH66ds
- iicb08qt0k7bqm6eii3mf2clou
- v=spf1 include:spf.sabre.com include:_spf.google.com ip4:151.193.224.244 ip4:151.193.224.245 ip4:151.193.65.92 ip4:151.193.65.93 include:spf.protection.outlook.com ~all
- MS=ms70266865
- _globalsign-domain-verification=JISMYicSjYQMSVse8RQebKVLppLFX3ZBkrIedcrcmC
- _globalsign-domain-verification=gMyjRvLcz3TlSc5H3J4P4K8C8f5TATj8FY3aVqt0dp
Cloud / SaaS Services Detected
Microsoft 365
Leak Screenshot:
