
www.diethelmtravel.com

Group: Devman

Discovered by ransomware.live: 2025-08-04

Estimated attack date: 2025-08-04

Country: TH

Description:

1800000 USD


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 9

Compromised Users: 8

Third Party Employee Credentials: 15


External Attack Surface: 10


Infostealer Distribution


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • in.hes.trendmicro.com.
  • mail.hk.diethelmtravel.com.
  • trumpet.asianet.co.th.
  • diethelmtravel-com.mail.protection.outlook.com.
  • diethelmtravel.in.tmes-sg.trendmicro.com.
TXT Records
  • v=spf1 ip4:110.49.36.157 include:spf.tmes.trendmicro.com include:spf.hes.trendmicro.com in -all
  • XdipRMKP2jM1wb9EchSnHzFs7luixEpLIDY1OeBO0WWDvaVDrMqaddynohyI0CeR4CgWYdr13vyL0ublSHvAKA==
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.
