Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Madagascar Airlines

www.zoominfo.com
Group Thegentlemen
Discovered 2025-10-17
Est. attack date 2025-02-19
Country MG

Description:

https://www.zoominfo.com/c/madagascar-airlines/1311973684 www.madagascarairlines.com Madagascar Airlines offers regular flights to major cities in Madagascar from Antananarivo, providing an online booking platform for travelers. The airline features a range of services including real-time flight schedules, special offers, and additional travel options such as cargo transport. Their clientele includes both local and international travelers looking to explore Madagascar and its surrounding regions. With a focus on customer service and travel comfort, Madagascar Airlines aims to deliver an unforgettable travel experience.
Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 6925

Third Party Employee Credentials: 4

External Attack Surface: 101

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • whoisrequest@markmonitor.com
  • abusecomplaints@markmonitor.com
MX Records
  • mxa-0042bc01.gslb.pphosted.com.
  • mxb-0042bc01.gslb.pphosted.com.
  • us-smtp-inbound-1.mimecast.com.
  • us-smtp-inbound-2.mimecast.com.
TXT Records
  • v=spf1 include:_u.zoominfo.com._spf.smart.ondmarc.com -all
  • google-site-verification=6mXTBuDHk-2Du-x2_EucW6isU05nrWXQne3jF5QsGU8
  • jamf-site-verification=6RDl4wTo2zo5foO4qIdvUQ
  • google-site-verification=o9iKGrOMdBp_NYSpUvDUa4okJHX8lafcD0rCjFoyBTU
  • atlassian-domain-verification=nLP991XRIVfjHgLMjm0qm2oeZMikTd77NgfuPXxrIBqkkkTZgr9asQXYd6scjmaI
  • ecostruxure-it-verification=63b73ded-c9a0-43d5-a4bc-13bc4b86cdac
  • hubspot-developer-verification=NDNjNmJlZDYtNGVhOS00MGQxLWFlYjMtODkxZDY2NDc2NmY0
  • google-site-verification=Ykk1G2OZGjvrWYGXMqhUO9ADxZAa2u7wl2jM7-VRI8I
  • google-site-verification=lBWYr74utT4FeN7oUCykhwiW1woGDhS7S0A4M7isQhA
  • google-site-verification:m4g1eOID25e-EuZCXCXyalWrcskGHtkDMI3A4-0qjC0
  • MS=ms33572304
  • verification=b384fc086e99452bad93e15dfbe59451
  • wiz-domain-verification=8df7ec58ab5c882d7d7bad1df1200d77f97a5c7f898ea1ef0904511e9954ca91
  • google-site-verification=gA2P07VwyAI8D1HzwOO0Q7gVOnctkRTliJ8FxgWyjK8
  • facebook-domain-verification=8xqew8kv8q2qml8urdur3wijr5ginf
  • 33904d6d-5e21-4a18-8e46-b170ae80b68e
  • google-site-verification=Ck8kCbNGwHAEOnj9O7xMBPG0WBXl1bTju9N2mvtpYWo
  • MS=ms38951267
  • google-site-verification=-ukM4y3JvL3Toa2D44DXo_b5u7wwUhaaVYfFzPHzP5I
  • asv=2d91cb2d6544d7a3891d743d45d5cc45
  • airtable-verification=7d5c4bb1083aed6e27cd99985c49ac81
  • zapier-domain-verification-challenge=db195766-a847-4db2-b88a-459d5695aa90
  • box-domain-verification=03a9187e13251fb31e146271331be39f6465c7691b6c597729582302d1b2e4bd
  • hUHXNRkPrDG/vT7H4SJCG2xTF9fMTKMhfuP72fEgCsrux2DijrADGxZIfaNs6lR/5qzfiHU+CyR6mSxGMXexKQ==
  • brevo-code:3fc323c894e26fcbb4611b5486a7dba7
  • cisco-ci-domain-verification=75cb9074f645f91ce729c4564e1e073eaa626bf0466be6b5e8028e29613f9b60
  • _qkt0vyeudqdmyimlu1sicmvr5yhojvo
  • segment-site-verification=90RRtjxCS6RhpBwQXWa4KZwBygYQCOBT
  • MS=ms65324670
  • yahoo-verification-key=1mwvI3bkKwq2edAI3E6IBXFKZaucTzMI9n4ynwwKxC4=
  • pendo-domain-verification=155ca67e-9833-4698-b886-9215b2431dea
  • _elastic_domain_challenge=6e1e719d7eb9dfeb13b9f6e7f64414e005d1a4da36c43074b06c0ccdb6634fe3
  • 7s5ys3r5gsrzsm1lxdhgmp6903dfypp0
  • postman-domain-verification=8eea31cc5b7cfbfff163d605845f51d65296766bb351bc622935839be65abffc31a03fb67bd1c4fa744760df4f04d4e7586c7ead877f00eda7849bb0b71ade13
  • asv=1d6c4fb60f2790b5d26fed0bb12bd115
  • docusign=4e925286-966b-4869-81ec-23fbbe116a16
  • smartsheet-site-validation=oCkvv_UFOL0zilzID65xfuiYGFuME7lx
  • google-site-verification=460JvyZeIw91-DWG0ZEsnAGMxMiSPVug2qJcXevHCDE
  • 0ed1fe018a83a1a25394024dadbc718d52c026f8eb
  • hubspot-developer-verification=MWI1YTkyNDctODZmNi00MTBhLWE5MTYtNDBhMWEzZTQ2ODg3
  • _n4k3s4c3lnx9uq8loq8e4qrgizqenc4
  • google-site-verification=gg10WGEg16Cp7M5hcqsTRxE0K_f34PWizql6mjRUOPg
Cloud / SaaS Services Detected
Atlassian Microsoft 365 Box Segment JamF Cisco Mimecast DocuSign Proofpoint

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.