
wkw-group.com

Group: cactus

Discovered by ransomware.live: 2023-12-21

Estimated attack date: 2023-12-06

Description:

Download link #1:  https://acfckf3l6l7v2tsnedfx222a4og63zt6dmvheqbvsd72hkhaqadrrsad.onion/WKW/f8r49BmAqKir/ 



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@key-systems.net
  • abusereport@key-systems.net
  • info@domain-contact.org
MX Records
  • mail.wkw.de.
TXT Records
  • v=spf1 mx a:mail.wkw.de ip4:193.159.168.134 include:spf.dcpserver.de include:spf.talention.com include:spf.protection.outlook.com -all
  • apple-domain-verification=qqLbO8UEW6sjO3tn
  • cisco-ci-domain-verification=68f86d82a74c508636c97951e77a3f736defef11909f126b7f74bf45fbe1ac05
Cloud / SaaS Services Detected
  • Apple
  • Cisco
