Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo tibaitservices.com

Group: cactus

Discovered by ransomware.live: 2024-08-08

Estimated attack date: 2024-07-06

Description:

Download link #1:  https://***************.onion/TIBA/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/TIBA/PROOF/DATA DESCRIPTIONS: Personal Identifiable Information, employees and executives personal and corporate data, financial documents, contracts, corporate correspondence, etc.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 40

Third Party Employee Credentials: 22

External Attack Surface: 5


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • tibaitservices-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 include:spf.protection.outlook.com -all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot