Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo tagorg.com

Group: warlock

Discovered by ransomware.live: 2025-08-17

Estimated attack date: 2025-08-17

Country: JO

Description:

all data

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 23

Compromised Users: 11

Third Party Employee Credentials: 0

External Attack Surface: 14

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse directnic.com
  • mlattouf agip.com
MX Records
  • mx1.tagorg.com.
  • mx4.tagorg.com.
  • mx2.tagorg.com.
  • mx3.tagorg.com.
TXT Records
  • MS=ms63664859
  • 7O76VzL1J8TyW6ZS3OchglLf08O7O/fuJl9ju+7DSAUj5P27F6z3wpGOc711Lm3uVqg1pGoDDxgy3bljrujGWA==
  • MS=ms32747796
  • v=spf1 mx a a:egateway.tago.org a:mailer.tagorg.com ip4:89.28.217.62/32 ip4:89.28.217.52/32 ip4:37.105.22.127/32 ip4:89.28.217.115/32 ip4:89.28.216.247/32 ip4:89.28.216.220/32 ip4:89.28.217.63/32 ip4:89.28.218.8/29 ip4:51.254.61.32/28 ip4:89.28.217.33/32 " "ip4:89.28.217.64/32 ip4:89.28.217.65/32 ip4:41.187.89.200/32 ip4:41.187.89.140/32 -all
  • google-site-verification=SkHnrOjDy68mVUaInJCj_wmBpTU45kgEdSNe87uE0-w
Cloud / SaaS Services Detected
Microsoft 365