Hudson Rock, a cybersecurity firm established in 2020, has built a notable reputation in the threat intelligence sector, primarily focusing on data stolen via Infostealer malware. The proliferation of this type of malware has presented unprecedented challenges to businesses and individuals alike. This article delves into the intricacies of Hudson Rock’s formation, mission, the suite of tools they offer, and the strategic initiatives they employ to combat the escalating threat posed by Infostealer malware.
Formation and Mission of Hudson Rock
Hudson Rock was formed against the backdrop of a rising tide of Infostealer malware, which started gaining significant traction as a cybersecurity threat around 2019. Co-founders Roi Carthy and Alon Gal envisioned a company that could source cybercrime intelligence directly from threat actors, thus providing a unique advantage in the cybersecurity landscape. The company’s name, inspired by actor Rock Hudson, was chosen deliberately to stand out in a crowded field where most competitors incorporate industry buzzwords into their names.
The mission of Hudson Rock is compelling and clear: democratize access to cybercrime intelligence and make it available to a broader audience. By placing a spotlight on Infostealer malware, Hudson Rock has positioned itself to address a critical and growing threat in the cybersecurity domain. This malware, adept at lurking in systems and siphoning off sensitive information, represents a formidable challenge, and Hudson Rock’s goal is to provide valuable insights and necessary tools to help organizations and individuals protect themselves effectively.
Free Tools for Users
As part of its commitment to democratizing cybercrime intelligence, Hudson Rock offers an array of free tools that enable users to check their exposure to global Infostealer infections at no cost. Among these tools are the Domain Search, which allows users to identify compromised corporate and supply chain infrastructure, and the Email Address Search that aids in finding specific email addresses tied to employees, customers, users, and partners. These tools are invaluable for ensuring that potentially vulnerable points in a company’s cyber infrastructure are identified and addressed.
Further, the Android App Monitoring tool flags any credential compromises associated with specific Android apps, while the Technology Profiler pinpoints the usage of technologies such as Citrix, Webmail, and Confluence within companies. Additionally, the Password Hygiene Analyzer evaluates password practices within organizations to maintain domain-level password complexity based on actual exposed credentials. The visual interface and community API integration supporting these tools enhance their user-friendliness and effectiveness. More than 65 cyber intelligence projects utilize these tools, underscoring their robust utility. Importantly, Hudson Rock ensures no sensitive information is exposed, making these free tools not only powerful but safe for users to employ.
Cavalier Platform
Hudson Rock’s flagship platform, Cavalier, serves an essential role in cybercrime monitoring and notification. The platform provides actionable intelligence and alerts derived from data siphoned off via Infostealer malware. Initially, Cavalier was designed to streamline the daunting task of working with data obtained from Infostealers; it effectively filters and contextualizes this information. By distinguishing between stolen credentials belonging to corporate employees, users, or third-party services, Cavalier helps prioritize the most critical cases, thus bolstering the efficiency of the cybersecurity response.
In 2024, the platform underwent a significant redesign, expanding its capabilities to become a dual-purpose platform that includes advanced investigative tools and integrated AI capabilities for deeper analysis. This evolution transformed Cavalier, making it an indispensable tool for organizations looking to delve deeper into the data, automate processes, and enhance overall cybersecurity measures. Client feedback has highlighted the platform’s user-friendly interface combined with sophisticated API capabilities for seamless process automation, making it a favorite among organizations of varying sizes.
Cybersecurity Training Across Industries
Leonid Rozenberg, a prominent Cybercrime and Threat Intelligence Researcher at Hudson Rock, emphasizes the crucial need for cybersecurity training across all industry sectors. This training is indispensable for every company, regardless of its size, be it a small business, a large corporation, or a government organization. By understanding the mechanisms through which Infostealer malware spreads—like phishing emails, fake ads, or pirated software—employees can navigate digital landscapes with greater awareness and precaution. Hudson Rock’s analysis of over 30 million infected computers underlines that cybersecurity training can significantly curb inadvertent exposure to cyber threats.
Moreover, Rozenberg stresses the importance of adhering to cybersecurity policies and being aware of common pitfalls, such as performing work on personal devices or the risks associated with running potentially malicious software. These measures are not just preventive but fundamental actions in maintaining sound cyber hygiene. Across industries, the focus on comprehensive and continuous cybersecurity training ensures that employees become the first line of defense against Infostealer malware and other cyber threats.
Threats Faced by Hudson Rock
While Hudson Rock’s primary focus is on delivering actionable intelligence to customers, the firm does occasionally assist with professional inquiries from authorities, reflecting its dual capability in intelligence provision and law enforcement collaboration when necessary. Unlike many cybersecurity firms, Hudson Rock does not prioritize reporting cybercrimes directly to law enforcement except in specific professional contexts. This strategic stance allows the firm to concentrate its resources and expertise on providing high-quality, actionable intelligence to its customer base rather than getting entangled in protracted legal processes.
Bayonet Product
Bayonet stands out as another innovative product from Hudson Rock, serving as a Sales Prospecting & Enrichment Tool specifically designed for Cybersecurity Sales Teams and Managed Security Service Providers (MSSPs). This tool leverages data from Hudson Rock’s extensive repository, filtering actionable sales insights and eliminating non-relevant technical noise. Bayonet enables third-party companies to search for compromised assets relevant to their products or services, optimizing the efficiency of their sales processes.
By sourcing data from Infostealer logs, Bayonet allows users to perform keyword searches that can uncover significant leads. For example, identifying over 20,000 companies using Single Sign-On (SSO) policies showcases Bayonet’s utility in providing actionable intelligence. This tool has proven invaluable for sales teams, who gain substantial leads and insights into potential vulnerabilities or areas requiring enhanced security measures, ultimately contributing to stronger cybersecurity postures and successful sales engagements.
Prevalence of Compromised Domains
As of January 2025, a detailed analysis conducted by Hudson Rock of more than 30 million infected computers revealed approximately 11.6 million compromised domains. This showcases the widespread and persistent threat posed by Infostealer malware. The advanced data parsing and storage technology integrated into tools like Bayonet and Cavalier allow users quick access to critical intelligence, facilitating swift and informed decision-making. Hudson Rock emphasizes that their intelligence is derived exclusively from Infostealer infections rather than actively scanning for specific company vulnerabilities, ensuring a targeted and refined approach to cybersecurity intelligence dissemination.
Connection to IDF’s 8200 Cyber Unit
The contribution of Hudson Rock to the cybersecurity landscape is further underscored by the military-grade cyber intelligence methodologies practiced by the firm. A significant factor in shaping Hudson Rock’s approach has been the experience of Co-Founder and CTO Alon Gal with the Israel Defense Forces’ (IDF) renowned 8200 Cyber Unit. This experience, combined with the expertise of several other Israeli military veterans employed at Hudson Rock, has endowed the company with unparalleled insight and proficiency in both research and development as well as intelligence analysis.
Advice to Victims of Data Leaks
Hudson Rock provides crucial advice for victims of Infostealer infections. They strongly recommend immediately changing all passwords to prevent threat actors from monetizing the stolen information, or at least to minimize potential damage. It’s also imperative to examine credentials stored in browsers’ built-in password managers and to invalidate cookie sessions, so that stolen session cookies cannot be used to bypass multi-factor authentication (MFA). Additionally, users are advised to avoid storing sensitive information in browsers, use unique and strong passwords for every account, and remain vigilant regarding how Infostealers are delivered, such as through phishing emails and fake ads.
Services and Solutions Offered by Hudson Rock
Hudson Rock’s specialization lies in understanding and mitigating threats emanating from data stolen through Infostealers. Their intelligence addresses cyberattacks, including ransomware, corporate espionage, account takeovers (ATO), business email compromise (BEC), money laundering, fraud, and more. The adaptable solutions provided by Hudson Rock cater to various use cases, serving the needs of different sectors, from companies seeking to protect their employees to government agencies engaged in deep data investigations.
Nation-State Adversaries
Nation-state adversaries present a unique challenge in the cybersecurity realm, operating with extensive budgets, access to advanced technologies, and leveraging state intelligence resources. Such adversaries are particularly challenging to track, given their preference for discreet operations, unlike traditional cybercriminals who frequent underground forums. These states can use Infostealer logs for intelligence-gathering and cyberespionage campaigns, reflecting a confluence between financially motivated cybercrimes and state-sponsored activities. Hudson Rock’s continuous monitoring and cutting-edge research are crucial in staying ahead of these advanced threats, emphasizing the importance of their work in the global cybersecurity landscape.
Cybercriminals’ Adoption of New Technologies
Hudson Rock, set up in 2020, has quickly earned a solid reputation in the cybersecurity world, particularly in the field of threat intelligence. They focus extensively on countering Infostealer malware, which has become a significant concern for both businesses and individuals. Infostealer malware is a type of malicious software designed to steal sensitive information, creating severe security challenges.
This article examines the core elements of Hudson Rock’s establishment, its foundational mission, the variety of tools it brings to the table, and the tactical measures it takes to tackle the rising issue of Infostealer malware. Hudson Rock’s mission centers on safeguarding data integrity and providing solutions to mitigate the risks posed by cyber threats.
By deploying advanced threat intelligence tools, Hudson Rock aims to identify and neutralize malware before it can inflict damage. Their suite of tools includes comprehensive detection systems and proactive defense mechanisms designed to protect against the evolving landscape of cyber threats.
The firm’s strategic initiatives emphasize continuous improvement in threat detection and response, staying ahead of cybercriminals who develop increasingly sophisticated methods to exploit vulnerabilities. By understanding the latest threats and employing cutting-edge technology, Hudson Rock plays a critical role in defending against the dangers posed by Infostealer malware, thus ensuring a safer digital environment for all their clients.