Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo www.oma.aero

Group: ransomhub

Discovered by ransomware.live: 2024-10-24

Estimated attack date: 2024-10-18

Country: MX

Description:

Sure! OMA.aero is a company specializing in advanced aerial mobility solutions. It focuses on the development and implementation of innovative aviation technologies, particularly in the realm of electric vertical takeoff and landing (eVTOL) aircraft. The company aims to revolutionize urban transportation by providing efficient, sustainable, and accessible air travel options, enhancing connectivity and reducing congestion.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 84

Third Party Employee Credentials: 3

External Attack Surface: 28


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse support.gandi.net
  • reseaux.securite vinci-concessions.com
MX Records
  • oma-aero.mail.protection.outlook.com.
TXT Records
  • docusign=b872bf37-c893-4606-9c15-e40a2c3d14a9
  • MS=ms55531619
  • v=spf1 include:spf.mailjet.com ip4:148.244.250.13 include:spf.protection.outlook.com -all
  • atlassian-domain-verification=7rdSgLbWbteLhpX6KWu7VJWoMzptXtoCOAMAaNpMpaV/pgI1XgeNFOBZfCceiDba
  • atlassian-domain-verification=gV5OEitydlTHn6Xazrfsaj4M0xttgehFVa5Y/i7VwC8W7BZg/tqAQpKpeaZtyEFd
  • google-site-verification=sW5iDFGs1si0ulMdFO79COUSp1XHq-ZaOTP3QPAt4NU
Cloud / SaaS Services Detected
Atlassian Microsoft 365 Mailjet DocuSign

Leak Screenshot:

Leak Screenshot