← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
IOC - Remote access, real cargo: cybercriminals targeting trucking and logistics
Proofpoint is tracking a cluster of cybercriminal activity that targets trucking and logistics companies and infects them with RMM tooling for financial gain. Based on our ongoing investigations paired with open-source information, Proofpoint assesses with high confidence that the threat actors are working with organized crime groups to compromise entities in the surface transportation industry — in particular trucking carriers and freight brokers — to hijack cargo freight, leading to the theft of physical goods. The stolen cargo most likely is sold online or shipped overseas. Such crimes can create massive disruptions to supply chains and cost companies millions, with criminals stealing everything from energy drinks to electronics.
Indicators of Compromise (49)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 13a1ccd80006ec004544ab99775c1389 | MD5 of cf0cee4a57aaf725341d760883d5dfb71bb83d1b3a283b54161403099b8676ec | 2025-11-04 | |
| FileHash-MD5 | 2e0d7ac2b3d2f1345ea6a1791f6135fc | MD5 of 559618e2ffbd3b8b849a6ad0d73a5630f87033976c7adccbd80c41c0b2312765 | 2025-11-04 | |
| FileHash-MD5 | 3fb1cc89e923a1deeb09777d2b0ffd9f | MD5 of 913375a20d7250f36af1c8e1322d1541c9582aa81b9e23ecad700fb280ef0d8c | 2025-11-04 | |
| FileHash-MD5 | 5750ad38fc9bf64ee9d4a352684de4c2 | MD5 of 4e6f65d47a4d7a7a03125322e3cddeeb3165dd872daf55cd078ee2204336789c | 2025-11-04 | |
| FileHash-MD5 | cdaf9b7a428384781988ce37cce2e00d | MD5 of 70983c62244c235d766cc9ac1641e3fb631744bc68307734631af8d766f25acf | 2025-11-04 | |
| FileHash-MD5 | ec86f4d4e9d22d412177f1c1b360af33 | MD5 of 8a00b3b3fd3a8f6b3ec213ae2ae4efd41dd5738b992560010ab0367fee72cd2a | 2025-11-04 | |
| FileHash-SHA1 | 063985a0f5368be79662c6849bcdb3575e46f623 | SHA1 of 913375a20d7250f36af1c8e1322d1541c9582aa81b9e23ecad700fb280ef0d8c | 2025-11-04 | |
| FileHash-SHA1 | 10ae96a35805c0ef3c5c264699fa40bde6ec4cd9 | SHA1 of cf0cee4a57aaf725341d760883d5dfb71bb83d1b3a283b54161403099b8676ec | 2025-11-04 | |
| FileHash-SHA1 | 2fe71ad9b98584383e29bb0daa8a2f04875ddef2 | SHA1 of 8a00b3b3fd3a8f6b3ec213ae2ae4efd41dd5738b992560010ab0367fee72cd2a | 2025-11-04 | |
| FileHash-SHA1 | 6a6874c83fda5c1fac3d7192772c677cac5cc277 | SHA1 of 70983c62244c235d766cc9ac1641e3fb631744bc68307734631af8d766f25acf | 2025-11-04 | |
| FileHash-SHA1 | eb0d113832f6f1ad0938128964f2513f6e485538 | SHA1 of 4e6f65d47a4d7a7a03125322e3cddeeb3165dd872daf55cd078ee2204336789c | 2025-11-04 | |
| FileHash-SHA1 | ff15881bcc051784470ef48abe82f123dd22b886 | SHA1 of 559618e2ffbd3b8b849a6ad0d73a5630f87033976c7adccbd80c41c0b2312765 | 2025-11-04 | |
| FileHash-SHA256 | 4e6f65d47a4d7a7a03125322e3cddeeb3165dd872daf55cd078ee2204336789c | — | 2025-11-04 | |
| FileHash-SHA256 | 559618e2ffbd3b8b849a6ad0d73a5630f87033976c7adccbd80c41c0b2312765 | — | 2025-11-04 | |
| FileHash-SHA256 | 70983c62244c235d766cc9ac1641e3fb631744bc68307734631af8d766f25acf | — | 2025-11-04 | |
| FileHash-SHA256 | 8a00b3b3fd3a8f6b3ec213ae2ae4efd41dd5738b992560010ab0367fee72cd2a | — | 2025-11-04 | |
| FileHash-SHA256 | 913375a20d7250f36af1c8e1322d1541c9582aa81b9e23ecad700fb280ef0d8c | — | 2025-11-04 | |
| FileHash-SHA256 | cf0cee4a57aaf725341d760883d5dfb71bb83d1b3a283b54161403099b8676ec | — | 2025-11-04 | |
| domain | billpay-info.com | — | 2025-11-04 | |
| domain | brokeragepacket.com | — | 2025-11-04 | |
| domain | brokercarriersetup.com | — | 2025-11-04 | |
| domain | brokerpackets.com | — | 2025-11-04 | |
| domain | car-hauling.com | — | 2025-11-04 | |
| domain | carrier-packets.com | — | 2025-11-04 | |
| domain | carrier-packets.net | — | 2025-11-04 | |
| domain | carrieragreements.com | — | 2025-11-04 | |
| domain | carrierpack.net | — | 2025-11-04 | |
| domain | carrierpacket.online | — | 2025-11-04 | |
| domain | carriersetup.net | — | 2025-11-04 | |
| domain | centraldispach.net | — | 2025-11-04 | |
| domain | claimeprogressive.com | — | 2025-11-04 | |
| domain | confirmation-rate.com | — | 2025-11-04 | |
| domain | dwssa.top | — | 2025-11-04 | |
| domain | fleetcarrier.net | — | 2025-11-04 | |
| domain | fleetgo0.com | — | 2025-11-04 | |
| domain | i-lovepdf.net | — | 2025-11-04 | |
| domain | ilove-pdf.net | — | 2025-11-04 | |
| domain | nextgen01.net | — | 2025-11-04 | |
| domain | nextgen1.net | — | 2025-11-04 | |
| domain | nextgen223.com | — | 2025-11-04 | |
| domain | officews101.com | — | 2025-11-04 | |
| domain | ratecnf.com | — | 2025-11-04 | |
| domain | ratecnf.net | — | 2025-11-04 | |
| domain | rateconfirm.net | — | 2025-11-04 | |
| domain | scarrierpack.com | — | 2025-11-04 | |
| domain | vehicle-release.com | — | 2025-11-04 | |
| domain | wjwrateconfirmation.com | — | 2025-11-04 | |
| hostname | ggdt35.anondns.net | — | 2025-11-04 | |
| hostname | qtq2haw.anondns.net | — | 2025-11-04 |