Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo www.regencytorviscas.com

Group: stormous

Discovered by ransomware.live: 2025-05-11

Estimated attack date: 2025-05-11

Country: ES

Data exfiltrated: 17GB

Description:

Full customer reservation databases (names, phones, emails, addresses, booking dates) Scanned ID documents (passports, national IDs) Internal emails via OWA Employee and customer email lists RDP credential files (with usernames/passwords)

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 7

Third Party Employee Credentials: 0

External Attack Surface: 1

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • regencytorviscas-com.mail.protection.outlook.com.
TXT Records
  • google-site-verification=9lKk2NTLd6IrCH5gF3DrsXxoI5FQigjEBr1Q2wqwWNw
  • MS=ms57209442
  • v=spf1 include:secureserver.net -all
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot