Quick Summary
Alleged
Executive Summary
Infinedi, a company operating in the technology sector, has been identified as a victim by the Settra ransomware group. The incident was logged on June 30, 2026, as reported by SOCRadar’s Dark Web Monitoring service. While the listing did not mention the specific country of operation, Infinedi’s inclusion aligns with Settra’s recent targeting pattern, which favors the technology and business services sectors. This listing is part of a larger trend of increased activity from the Settra group.
Technical Analysis
SOCRadar’s analysis revealed that the `infinedi.net` domain was exposed in stealer logs, yielding 25 credential records. These credentials were identified as external or partner accounts for Infinedi-owned portals, rather than internal employee logins. Affected endpoints included the customer web portal’s password reset and account recovery functions, the epay payment portal, and an enrollment portal. The data capture window for these credentials ran from March 21 to June 26, 2026, indicating recent compromise. This type of credential exposure is a common initial access vector for ransomware groups like Settra, which exploit such credentials to gain access to company systems. The primary risks identified are customer account takeover and supplier risk, and the records show persistent harvesting of external accounts. While these credentials may not have been directly used by Settra in this specific incident, the pattern is consistent with the type of access that precedes such attacks. Organizations are advised to implement continuous monitoring, enforce MFA on all portals, and conduct regular credential hygiene checks.