https://www.hegelmann.com

hegelmann.com

Group: Lynx
Discovered: 2026-03-01 07:38 UTC
Est. attack date: 2026-03-01
Country: DE

Description:

Hegelmann Group is a family-run logistics company headquartered in Bruchsal, Germany, offering a diverse range of services including road transportation, intermodal solutions, air freight, and maritime transportation. The company has expanded globally to provide tailored logistics and warehousing solutions across various sectors and industries. With a commitment to sustainability, Hegelmann Group continually invests in innovation and multimodal services to meet customer demands. Their fleet includes state-of-the-art trucks and trailers designed for efficient transport of various cargo types.

Infostealer activity detected by HudsonRock

Compromised Employees: 21

Compromised Users: 7

Third Party Employee Credentials: 17


External Attack Surface: 18



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@godaddy.com
MX Records
  • hegelmann-com.mail.protection.outlook.com. (Microsoft 365)
TXT Records
  • v=spf1 mx a:mxs1.hegelmann.com a:mxs2.hegelmann.com include:spf.protection.outlook.com include:spf.emailsignatures365.com -all
Cloud / SaaS Services Detected
  • Microsoft 365
  • Zoho Campaigns
  • Cisco
  • Have I Been Pwned
