Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Turf Care Store

turfcare.ca
Group Akira
Discovered 2025-09-30 11:45 UTC
Est. attack date 2025-09-29
Country CA

Description:

Turf Care Store is an independent, and privately held Canadian co mpany that provides products and services to the golf course comm unity, municipalities, parks departments, professional contractor s, and authorized Toro and Kawasaki dealers. We are going to upload 30gb of their corporate data. Employee per sonal documents (passports, medical information, prescriptions, q uestionnaires and so on), other HR information, financials, agree ments, internal confidential files, projects, clients information .

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusekey-systems.net
  • Please ask the Registrar of Record identified in this output for information on how to contact the Registrant, Admin, or Other contacts of the queried domain name
MX Records
  • turfcare-ca.mail.protection.outlook.com. Microsoft 365
TXT Records
  • apple-domain-verification=SpthvcpxfvAOPskW
  • google-site-verification=iQjgwjKVC0q1rU1rW-w2zWaSiCoyurJLRBKwmS7Bba8
  • infor-cloudsuite-domain-verification=722A7BRA9VSBXMY2EMZF4VC67CGDZ8ARU8TKK87V5CF6H43TRPMWSSXM3WE9RP9M
  • pardot1086803=9702e22c9010167d4289bf741a5bcd05c865214bae41539e2ed5c68ea636f9cb
  • sending_domain1086803=8858eeb73dfbaa79460e1b5edfffdff3225bf9b4032c7d78988e5890680e7aba
  • v=spf1 include:spf.protection.outlook.com include:spf.mandrillapp.com include:spf.apptivo.com include:servers.mcsv.net include:sendgrid.net include:_spf.salesforce.com include:aspmx.pardot.com -all
  • MS=ms65518323
  • XMedius-Verification=mfrloxr23c7qtoh0hq7ol4ptlyaeik8k8i71hgwcyq20pvo6rf88k4ko5ifsf7he
Cloud / SaaS Services Detected
Apple Mailchimp Microsoft 365 Salesforce Mandrill SendGrid

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.