Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks


Group Medusa
Discovered 2024-03-06 19:53 UTC
Est. attack date 2024-03-06
Country TH
Duplicate Entry
This victim has been identified as a duplicate of another entry in our database. However, this may not always be the case: the same organization can be targeted multiple times by the same or different ransomware groups, which may result in separate legitimate entries. Search for related entries

Description:

JVCKENWOOD (Thailand) Co., Ltd. is an overseas subsidiary of JVCKENWOOD Corporation based in Thailand, specialising in being a sole distributor of Kenwood audio products, marketing of JVC audio and video products. JVCKENWOOD (Thailand) Co. corporate office is located 240/33, 240/35 Ayothaya Tower, 18th Floor, Ratchadapisek Soi 18 Road, Huaykwang Bangkok, Bangkok, 10310, Thailand

Infostealer activity detected by HudsonRock

Compromised Employees: 9

Compromised Users: 190

Third Party Employee Credentials: 6


External Attack Surface: 64


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse1api.net
  • dommastermark-i.jp
  • infodomain-contact.org
MX Records
  • jvckenwood-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • nmfsk5266iukseko86juhl6d0i
  • apple-domain-verification=g1d0R1owQDW4Z8FK
  • google-site-verification=0pNf6Rwby1EtBSQpU1z4yxW1sLR2ctvLIWhtCYS6Cpo
  • facebook-domain-verification=zdywq9zgt7s69hod9cxd0ebaivt6m0
  • kl5k8e72svctacsitiua7gamti
  • v=DKIM1;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXM8nhKxY8DO3nPyNcb3f16/5Z8BNt8/cit+LQiO+P2zVrrpGPrLK/0qn47M42WTlfnJsYEgFAUJJ+X3y+cvDTXFuj0NmpPO8EoWB5YcMT6XzKsXZespPURZmBsOHK9fTSbmSdhS/KB6ZBECPZoh3urLJVlGHtxbFiqOhVJ6pECQIDAQAB
  • MS=ms71832370
  • ikp648qsli41if55uscmn7hff0
  • 4p6rj9ppv1uqmcn9it34u53ddp.
  • google-site-verification=MKHqex4IwKyO80dOrU7w_ATe1H4tXt86GoFHaFwozuI
  • adobe-idp-site-verification=b48ef314-add1-4e39-ad32-0090f8805888
  • miro-verification=b628e6b1c979b25f9e080ff792c754fab8a6a944
  • sk6ju68utteisj8df0hujsma4a
  • google-site-verification=Do51kbn0CgBImt6SHmfubZ9rKcnbPBh-Vb1aJWbfzLc
  • google-site-verification=sc5S3IENfRgp-YXCs6yMp0QHc8mh1iyR9kmlU-NxPDQ
  • v=spf1 include:_spf-jp.jvckenwood.com include:mdwisdom.maildealer.jp include:spf.protection.outlook.com include:easyfile-exp.jp include:spf-bma.mpme.jp include:amazonses.com include:spf.haihaimail.jp ~all
Cloud / SaaS Services Detected
Adobe Apple Amazon SES/WorkMail Microsoft 365 Miro

Leak Screenshot:

Leak Screenshot