Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Deutsche Bank

db.com

Group Unsafe
Discovered 2026-07-04 11:30 UTC
Est. attack date 2026-07-04
Country DE

Description:

Revenue: 30 billion

Infostealer activity detected by HudsonRock

Compromised Employees: 354

Compromised Users: 4022

Third Party Employee Credentials: 528


External Attack Surface: 200


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • smtp13.db.com.
  • smtp15.db.com.
  • smtp12.db.com.
  • smtp23.db.com.
  • smtp22.db.com.
  • smtp14.db.com.
  • smtp24.db.com.
TXT Records
  • 00DKN0000000t5B=1TBKN000000Gmad
  • adobe-idp-site-verification=ebd1b7c0129651c3c2c80e1d73e2a90e482cec20967920f87bd30a70728d0873
  • 00D300000000ZSR=1TBKk000000KyjB
  • zFSjiNgPRk8FttdelKTV33ESlf2AoEIcf9gyieQnzasDPtFM6UAglk3GVv1kKVNvriGv5z2p3IKQTAmfOJh6jQ==
  • 00DKI000000H0GK=1TBKI000000KykO
  • 00D0Y000001jgp6=1TBJ7000000TN1x
  • 00DKI000000LIe6=1TBKI000000001Y
  • 00DKJ000000Gyf0=1TBKJ000000GmbH
  • 0D25000000HC3n=1TBKH000000000G;00DKG000001G1Sl=1TBKG000000KylI;00DKL000000H0YA=1TBKL000000000m;00DKG000000LBOc=1TBKG0000008OIe;00D7E000000Amn6=1TBKO000000CaRC
  • QuoVadis=3e58dca1-dd1c-41c7-96e7-92338816c762
  • 00DKE000000GyaW=1TBKE000000CaSu
  • facebook-domain-verification=z9wptfi6z583vs2l8t5wk6zypq0ddf
  • QuoVadis=9a3e7de8-d044-492f-a47d-686e10d79be6
  • 00DKG000000Gyeu=1TBKG000000000k
  • 00D4L000000jV6d=1TBJ9000000PAsm
  • 00D3O0000008mml=1TBKI000000KyjQ
  • pexip-ms-tenant-domain-verification=value1,9f599f8e-b982-44c2-a563-733f53652d58
  • 00D7Y0000001RKh=1TBKE000000GmaO
  • 00DKJ000000LMV8=1TBKJ000000GmbW
  • docusign=c2f928f1-7ede-41a1-bf8f-d2950667dab8
  • QuoVadis=83836e67-d3bb-42bf-8b35-162af34db768
  • 00DKI000000H0Wz=1TBKI000000000k
  • d23a42a29b0840028a4af1557b98572f
  • apple-domain-verification=Bi9q52e7UmnGKsjy
  • 00DKI000000LGRp=1TBKI0000004CAL
  • v=spf1 ip4:160.83.0.0/16 ~all
  • zaU3GmK84cVY+XTX0KpAodECpvZv1evp5eDhPx/H2lPOGx2z1PnF9UnlKi8q5ye2fQ60uQb8U15vSKIX5H495A==
  • docker-verification=db44e2a4-eec3-460a-8891-9b6cf83c21ec
  • new-relic-domain-verification=137e43072d41470a854b41b90da97c48
  • QuoVadis=5608ca33-3315-48bc-a04e-2c413c3038ef
  • google-site-verification=c9kQxLLWwNJ1zVNelvCe2tquJrLikBipCoyFrrV8VPw
  • adobe-idp-site-verification=266841ad46f6a04739ecddfbc4c697b53bb31eda59acd14b65310c0601c5ccd2
  • docusign=76cef473-9b56-48fa-9f15-e60e674a3f66
  • QuoVadis=48509f83-4123-486b-80ce-1026da852815
  • pexip-ms-tenant-domain-verification=9f599f8e-b982-44c2-a563-733f53652d58
  • QuoVadis=b46d77b0-bd9e-4c18-9c9f-d804d3d37169
  • _globalsign-domain-verification=Vg1C9KB2JsBNtPy6ucvXwCGkT_dcFTZnMLQIqJ3HNE
  • QuoVadis=5bb6360c-7e69-4c23-900f-71ee79ef3351
  • 00DKJ000000LGEM=1TBKJ000000CaSM
  • jpg4mDPzjFsb1WB6pRbXL2ZN90QRtGhKwcQAVnLT6Xs=
  • 00DJ6000001HRk7=1TBJ6000000000V
  • _globalsign-domain-verification=5YGDN9fG5Os2kPBJn1cpuiMDnj59t7eg6-NMb8UTJr
  • 00D590000000MMu=1TBDk0000004CAf
  • wlk48r6lmwm6sxsfnrhhpflbyxg9krrk
  • new-relic-domain-verification=6814daddb8c6477db31bf81d7185a987
  • figma-domain-verification=b683db153c43e78d2735c4d9bf4b82b7344d60c58587cf4217fb72c17af7479f-1723563559
  • 00DKO000000H0CD=1TBKO000000Gmap
  • 00D7Q000002Aomw=1TBJ60000004CAQ
  • 00D580000004Akk=1TBJ8000000fxVU
  • atlassian-domain-verification=84JXpQBhAhzPjiM1wU0GlHuC/ky7JExmSHsdduuggeRfV0Mhzt1hqxE6b2cdusS8
  • 00D200000000sKb=1TBKA000000Gma9
  • 00D0O000000reHt=1TBKC000000oLkj
  • MS=ms94849899
  • GCY2GABHZbRGfSmxtluT
  • g1smq76hsdvy86z400wkkdyqr9vw4mw4
  • 00DKN0000001V7F=1TBKN0000004CAV
  • google-site-verification=TfEbVn0BMIyKDZMGvyj5p6l3gruzN74lchZ2TjqZNxo
  • 1Bj9e2QZSyxn5sGh7Qi5CG9tBn3m
  • QuoVadis=7e856ef0-6a07-4454-a320-05abc34d4d41
Cloud / SaaS Services Detected
Adobe Apple Atlassian Docker Global Sign Microsoft 365 DocuSign

Leak Screenshot:

Leak Screenshot