nstda.or.th
nstda.or.th
Group: babuk2
Discovered by ransomware.live: 2025-03-18
Estimated attack date: 2025-03-18
Country:
Description:
nstda.or.th
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 74
Compromised Users: 1377
Third Party Employee Credentials: 16
External Attack Surface: 116
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- staff thnic.co.th
MX Records
- nstda-or-th.mail.protection.outlook.com.
TXT Records
- cisco-ci-domain-verification=3851b8d2b59cee1a1ddf7bae3d509fd5c1d43403f7289583b03553d5c0b7f7ee
- t09qywb425n6mrzqdjym99qpr5s7qx5j
- google-site-verification=GFKfYtcRWRZhqHUPlUDy7GDXSZIA31cKIgqtpMK5TBI
- MS=ms53138260
- v=spf1 include:_spf.nstda.or.th include:spf.protection.outlook.com include:_spf.one.th include:smtp.txmsv.com ip4:164.115.2.0/23 ip4:202.44.204.9 include:one.zoho.com -all
- yahoo-verification-key=qL9jnNE8qUs2a52KJeuqMHG5B0vYzKNB7fnHHFBprPs=
- _esnh2wzakaaul7otsfajdnwlzrafv7b
- 043F1D7361EE9A436F94F85E7B18F14CDB3A42C8B4814058F8934ED247030E12
- MS=ms97697171
Cloud / SaaS Services Detected
Microsoft 365
Cisco
Leak Screenshot:
