Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo newagesys.com

Group: cactus

Discovered by ransomware.live: 2024-03-22

Estimated attack date: 2024-02-29

Country: US

Description:

Download link #1:  https://***************.onion/NEWAGESYS/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/NEWAGESYS/PROOF/DATA DESCRIPTIONS: Accounting\payroll\tax documents, HR data, Personal Identifying information, background reports, corporate correspondence\mailbox backups, employees personal folders, etc. 


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • alt1.aspmx.l.google.com.
  • aspmx3.googlemail.com.
  • aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • aspmx2.googlemail.com.
TXT Records
  • v=spf1 include:spf.mailjet.com include:_spf.google.com ~all
  • 2FDF7DA5800A3F0C49F903F514D083A1.683681431A511631AC27B651811ADF6D.comodoca.com
Cloud / SaaS Services Detected
Mailjet

Leak Screenshot:

Leak Screenshot