www.chicagobotanic.org
www.chicagobotanic.org
Group: Devman
Discovered by ransomware.live: 2025-09-29
Estimated attack date: 2025-09-29
Country:
Description:
Ransom: 590000 USD
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 2
Compromised Users: 30
Third Party Employee Credentials: 1
External Attack Surface: 20
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse tucows.com
MX Records
- chicagobotanic-org.mail.protection.outlook.com.
TXT Records
- TG21CPSV1O9QWBZN0PP6EIHLVRAU8D4L4V5DRSXB0
- facebook-domain-verification=nxfcbu2zjby4sirsogujurc710g4mw
- oomfua1t6ij8ulf6gnka8sqe04
- 5/0adXAavrnyio1blsMtjI0cABAj5DZL4UE6I34OxF02uDCqrrAuWs2h4CDTcVe09VYCxaVJroyR3tWq440gKg==
- smartsheet-site-validation=FIKxlowRMoTGOEJ_wRQ_DlhbrEM30s5K
- adobe-idp-site-verification=41031422744870fb3149460dc2d5bb5c05d25bcc3c3fe55633e6d6f601ac4842
- la81s0j3kqim5o30h38fbtpirn
- mandrill_verify.05q0qvZ6VAHLm9Mq_jEVqQ
- sophos-domain-verification=d18ec3872457c13b6a4410879112995d40f12728c704b94869573577ebd5d9d1
- MS=ms17985991
- l2cvoae01rna8ggj5robqb0pe5
- nc3e2vfshihqg0q0kc1tj9pps5
- v=spf1 include:spf.protection.outlook.com include:spf.constantcontact.com include:outboundmail.blackbaud.net ip4:208.75.123.0/24 ip4:198.2.128.0/18 ip4:205.201.128.0/20 ip4:50.236.121.246 ip4:12.138.113.130 -all
- 73c6oivbjg4nksprvqk8c6mrs6
Cloud / SaaS Services Detected
Adobe
Mailchimp
Microsoft 365
Sophos
Leak Screenshot:
