Group: Cactus
Discovered by ransomware.live: 2025-02-17
Estimated attack date: 2025-02-05
Country:
Description:
Automotive Service & Collision Repair.

“Steele Rubber Products is a manufacturer of auto weatherstrip and rubber parts to fit classic cars, trucks, and hot rods since the mid 1960's. They supply high quality windshields, doors, windows, hoods and trunk parts as well as hard to find products such as gaskets, pedal pads, fuel systems parts and bumpers.”

Website: https://www.steelerubber.com/

Revenue: $17.9M

Address: 6180 Hwy 150 E, Denver, North Carolina, 28037, United States

Phone Number: (704) 483-9343

Download link #1: https://6wuivqgrv2g7brcwhjw5co3vligiqowpumzkcyebku7i2busrvlxnzid.onion/STEELRUBBER/PROOF/

Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/STEELRUBBER/PROOF/

DATA DESCRIPTIONS: Personal identifiable information, corporate data, engineering documents\drawings, agreements, contracts, invoices, financial data\payroll, HR dept docs, corporate correspondence, employees personal folders, etc.
Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 15
Third Party Employee Credentials: 0
External Attack Surface: 4
DNS Records:
The following DNS records were found for the victim's domain.
- domain.operations@web.com
- mx1-us1.ppe-hosted.com.
- mx2-us1.ppe-hosted.com.
- facebook-domain-verification=hqhnpj67e0dec0qkfougnt8yuubpp4
- google-site-verification=i8RqNqaOVxf4Cp1s1BjHEXhuwME47lyW4W7gczfGZFQ
- google-site-verification=iRbB6jOTm8ODkgnRK7InsdBp1OWHwJDjQEQdUiZ1A64
- ppe-bd02274fc77421d02d92476334317d138204b7e8
- v=spf1 ip4:74.203.123.70 include:spf.protection.outlook.com include:amazonses.com include:auth.msgapp.com a:dispatch-us.ppe-hosted.com ~all
- MS=ms70070745
- _s8lnh5kwowp2et3e1v93unde0y352do
Cloud / SaaS Services Detected
Amazon SES/WorkMail
Microsoft 365
Proofpoint Essentials
Legal Disclaimer:
Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession,
hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data.
This platform indexes only publicly visible information posted by ransomware operators and
open web sources without accessing or obtaining the underlying stolen content.
The service is provided to support public awareness, legitimate research, and cyber-resilience.
No stolen personal or confidential data is collected or distributed via this site.