Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo scanda.com.mx

Group: cactus

Discovered by ransomware.live: 2024-05-13

Estimated attack date: 2024-04-09

Country: MX

Description:

Download link #1: https://***************.onion/MEXCENTRO/PROOFMirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/MEXCENTRO/PROOFDATA DESCRIPTIONS: Personal Identification information, corporate documents, legal information, financial data\payroll\reports, employee personal data, correspondence, customer information, contracts, database backups. 

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 73

Compromised Users: 1

Third Party Employee Credentials: 86

External Attack Surface: 18


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • scanda-com-mx.mail.protection.outlook.com.
TXT Records
  • v=spf1 mx include:spf.protection.outlook.com ip4:201.168.158.6 ip4:201.168.158.7 -all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot