Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

ducont.com

ducont.com

Discovered 2024-04-19 09:22 UTC
Est. attack date 2024-02-10
Duplicate Entry
This victim has been identified as a duplicate of another entry in our database. However, this may not always be the case: the same organization can be targeted multiple times by the same or different ransomware groups, which may result in separate legitimate entries. Search for related entries

Description:

Ducont is the leading IT Products & Services provider in the Middle East.

Infostealer activity detected by HudsonRock

Compromised Employees: 6

Compromised Users: 10

Third Party Employee Credentials: 15


External Attack Surface: 11


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • ducont-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • e8fr7h3uh2pqo10qhv6k4nbq38
  • 6ue9oin2hinnj95qsj38du4nqn
  • v=spf1 ip4:213.132.55.110 ip4:213.132.55.111 ip4:61.95.186.64 ip4:217.165.17.241 ip4:115.247.148.190 ip4:125.21.18.118 include:spf.protection.outlook.com include:amazonses.com include:mail.zohopayroll.in include:zcsend.in ~all
  • 6hq3r9hu1h6avs0bb41bltret2
  • zoho-verification=zb54282574.zmverify.zoho.com
  • MS=85812FB0E2BC6608622794B0ABD52BC2598D8A94
Cloud / SaaS Services Detected
Amazon SES/WorkMail Zoho Campaigns

Leak Screenshot:

Leak Screenshot