CONVERGEONE.COM
CONVERGEONE.COM
Group: clop
Discovered by ransomware.live: 2023-07-26
Estimated attack date: 2023-07-26
Description:
Connected Customer Experiences - ConvergeOne
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 19
Compromised Users: 27
Third Party Employee Credentials: 24
External Attack Surface: 76
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mxa-00239201.gslb.pphosted.com.
- mxb-00239201.gslb.pphosted.com.
TXT Records
- Vg3IBQDOTj95A/NTRlyTHCAYz197YVHRYz/TPAsdjF1WPASwZFo1JkNoGzutNcuMAUyBjXKCRnNsz/0vvhT6jw==
- ZOOM_verify_AmYKCkXxjfdxuVQZn99Nvu
- apple-domain-verification=UERgeaIQKGBF7nvn
- atlassian-domain-verification=P+rTGUqtqrhOVcMEAqN3eiLhLheJu+DBhyhIfC0KjnwRJLoElPFmb4VON1GwE7MT
- atlassian-domain-verification=p4lJBHncCCAudpdJ6NqBmCaEnC3TsZ5vW4oh4AIFw8ku8jYTJMgAJme5gERSAa2N
- atlassian-sending-domain-verification=8f44678a-e510-4cb8-b1f6-87f2fbf21a22
- docusign=b135d2ad-1341-44d8-ab40-9204c61aac6e
- docusign=cd0f60c1-f6ba-44dd-a201-99a950eaab71
- google-site-verification=8zc6T6XnQJMu0Dl-rrwAhApwMJ1TlH9NKjI5GM1_QYg
- intacct-esk=78EE9751E0BA1A41E053AA06A8C0C50A
- smartsheet-site-validation=LMDk_yHYjNvOZv6ky8rSOnbgIB0Ep08H
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com -all
- 1187b82a7c4879dcd9804814f418174e19f9f9ddf0e1613b2c06ab53e1b919b9
- MS=ms60072977
Cloud / SaaS Services Detected
Apple
Atlassian
Microsoft 365
DocuSign
Proofpoint
Zoom
Leak Screenshot:
