Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Dörr Group

doerrgroup.com
Group Alphv
Discovered 2023-12-02 08:27 UTC
Est. attack date 2023-12-01
Country DE
Duplicate Entry
This victim has been identified as a duplicate of another entry in our database. However, this may not always be the case: the same organization can be targeted multiple times by the same or different ransomware groups, which may result in separate legitimate entries. Search for related entries

Description:

McLaren, Lamborghini, Lotus, Bugatti, Pagani, Pininfarina, Dallara and Aston Martin are the brands with which the Dörr Group makes car enthusiasts drive. This means that the more than 85-strong team around owner Rainer Dörr is one of the most diverse super sports car dealers in Germany. Since it was founded in Frankfurt am Main in 2011, the Dörr Group has expanded to Stuttgart, Munich, Berlin and Hockenheim and has created a starting place for used super sports cars with the Home of Speed by Dörr Group at the Hockenheimring. Motorsport is the Dörr Group's DNA. With the Dörr Driving School, the team enables amateurs to get started from karting into GT racing and get that racing feeling in their own super sports car. The Dörr Group is the only sales partner of McLaren Customer Racing in Germany and Kart Republic in D-A-CH and the Benelux countries. Dörr Motorsport is currently registered with two McLaren 570S GT4s in the ADAC GT4 Germany and another Lamborghini Huracán Evo in the GTC Race / Goodyear 60.

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse1api.net
  • infodomain-contact.org
MX Records
  • mxtreme.hartl-edv.de.
  • mail2.asplogin.de.
TXT Records
  • v=spf1 mx a:mail.doerr-automotive.de include:spf.protection.outlook.com include:spf.hartl-edv.de include:agenturserver.de ~all
  • domainVerification=cd4ad76e-f65d-4143-8489-fa1a55ab24c2
  • MS=ms49448765
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.