Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo nirvanahotels.com.tr

Group: stormous

Discovered by ransomware.live: 2025-05-21

Estimated attack date: 2025-05-21

Country: TR

Data exfiltrated: *40GB

Description:

Full names of hotel guests a Email addresses (internal and external) Customer complaints and feedback content Booking or reference numbers Internal hotel communication data ......


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • antispamguard.kristalgrup.com.
  • etrn.smarthosthizmeti.com.
TXT Records
  • mandrill_verify.6vAtgmfJ1GIZ5wPqcD82Mw
  • v=spf1 ip4:213.155.118.72/29 ip4:94.102.78.40/29 ip4:212.58.5.0/24 ip4:212.58.6.0/24 ip4:81.21.172.0/24 ip4:95.0.62.67 include:spf.mandrillapp.com include:spf.mta01.smarthosthizmeti.com ~all
Cloud / SaaS Services Detected
Mailchimp Mandrill

Leak Screenshot:

Leak Screenshot