Group: Everest
Discovered: 2025-12-02 16:24 UTC
Est. attack date: 2025-12-02
Country: TW

Description:

[AI generated] ASUS is a Taiwan-based multinational computer hardware and electronics company. Established in 1989, it is well-regarded for producing a wide variety of technology products such as personal computers, laptops, mobile phones, servers, Wi-Fi routers, graphics cards, and monitors. In addition, ASUS is the world's 5th largest PC vendor by unit sales. Recognized for its innovative and high-quality products, ASUS has won various international awards.

Infostealer activity detected by HudsonRock

Compromised Employees: 458

Compromised Users: 388736

Third Party Employee Credentials: 312


External Attack Surface: 200


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • foreignnet-chinese.com.tw
  • wps921_19707whoisprivacyservice.tw
MX Records
  • mg1.asus.com.
  • mg.asus.com.
  • mg2.asus.com.
TXT Records
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Atlassian
  • Microsoft 365
  • Salesforce
  • Bing Webmaster
  • DocuSign

Leak Screenshot: