Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo www.onahotels.com

Group: lynx

Discovered by ransomware.live: 2025-09-04

Estimated attack date: 2025-09-04

Country: ES

Description:

Ona Hotels pone a tu disposición los mejores alojamientos de los mejores destinos. Entra ahora y reserva al mejor precio en la web oficial.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 66

Third Party Employee Credentials: 1

External Attack Surface: 16

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse nominalia.com
MX Records
  • mx2.hc1193-34.eu.iphmx.com.
  • mx1.hc1193-34.eu.iphmx.com.
TXT Records
  • google-site-verification=HWFZTxr6rRgR0jvl7bTx6ynwSGNYNdr29hOcnLv4e-M
  • brevo-code:6b19e6200ac8a8760d0608ef0d246ee6
  • MS=ms59663565
  • v=spf1 exists:%{i}.spf.hc1193-34.eu.iphmx.com include:spf.protection.outlook.com include:spf.mandrillapp.com ip4:23.90.118.91 ip4:23.90.117.113 -all
  • google-site-verification=oHezH9W4DDu1-bG1pso_X1nAOYHYHAs0dN728ePUDgM
  • google-site-verification=sA-0XI__xgvHvzDJVvFFsvkZHuA5yfL1AXksFwzDgrg
Cloud / SaaS Services Detected
Microsoft 365 Mandrill

Leak Screenshot:

Leak Screenshot