Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo www.ugrocapital.com

Group: ransomhub

Discovered by ransomware.live: 2024-06-10

Estimated attack date: 2024-06-05

Country: IN

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 49

Third Party Employee Credentials: 4

External Attack Surface: 2


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • trustandsafety support.aws.com
  • itinfra ugrocapital.com
MX Records
  • ugrocapital-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 include:spf.protection.outlook.com include:amazonses.com -all
  • 5m1s71hspq0e6nr23pctulb2s6
  • duo_sso_verification=xvIjM8vt5sFPgj6K2KhhtvuUsjxGdZBCNug6tKjg1uzs3NQkbjljvzUjqK6HW7hq
  • google-site-verification=Kv9unSuafJi3nyBqAtT86sJCiONQ3fEtBIrJKZ7nXu8
  • google-site-verification=gekdJR-wCO_CvBrzalaiuz6ZPvqjfI3H_lCHG_LxIPg
Cloud / SaaS Services Detected
Amazon SES/WorkMail Cisco Duo

Leak Screenshot:

Leak Screenshot