Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo www.regencycountryclub.com

Group: stormous

Discovered by ransomware.live: 2025-05-11

Estimated attack date: 2025-05-11

Country: ES

Data exfiltrated: GB

Description:

Full customer reservation databases (names, phones, emails, addresses, booking dates) Scanned ID documents (passports, national IDs) Internal emails via OWA Employee and customer email lists RDP credential files (with usernames/passwords)


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 0


External Attack Surface: 1


Infostealer Distribution


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • mx.serviciodecorreo.es.
TXT Records
  • v=spf1 include:_spf.serviciodecorreo.es ~all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot