Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

CGG.COM

cgg.com

Group Clop
Discovered 2022-12-22 20:02 UTC
Est. attack date 2022-12-22

Description:

CGG: Global Technology and HPC leader

Infostealer activity detected by HudsonRock

Compromised Employees: 9

Compromised Users: 62

Third Party Employee Credentials: 43


External Attack Surface: 68


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operationsweb.com
MX Records
  • cgg-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • atlassian-domain-verification=wzOCtpcs9QiuJ5f3lZCwzYRxNPbC2S2cW1SBm4WFv2QTPLPD6sA3ZOpVilcXery8
  • docusign=1d8c6d15-63e8-45dd-875e-39b80e07aeea
  • google-site-verification=cudhcnarDJ45PEzJXh7MW5zAyv7id1x5ej8tZrJVwXk
  • _203aah8wqvtshcpwc4b7dmk5eckzee7
  • anthropic-domain-verification-y0b5mw=WxA7QJ2H5qq6po14oCVujv5Pa
  • 49g15pa6od24idb41rtm78m1si
  • v=spf1 ip4:95.215.236.243 ip4:95.215.236.167 include:spf.protection.outlook.com include:_spf1.viridiengroup.com include:_spf2.viridiengroup.com include:_spf3.viridiengroup.com include:mailgun.org -all
  • UBQI0A2AWCQDFP0MTY26FB2567609YPDGVQUPP6GGMJIOICV2HXYOB6QUPQB22X4
  • asuid.earthlibrary-pentest C8BF003827089D81350BF16CE0D481792AC21FD0B7F97480FEAFA263326CBDDC
  • s6kpxh5mp6h0fjvkc2hsl627bbpptqw3
  • jamf-site-verification=n2-WVBkeW2xkuVBuO4mvng
  • 93D82E88BBAEDDF90BD28AB298C360F28210BE594780AAC0EFF4A487FAB4809E
  • atlassian-sending-domain-verification=20e8ada7-dd7d-44fb-960b-68cf653d6b44
  • zscaler-verification-984900-02122026-DQR0WGMy
  • UBQI0A2AWCQDFP0MTY26FB2567609YPDGVQUPP6GGMJIOICV2HXYOB6QUPQB22X
  • auacnj93v0mqorigol86g7bo9j
  • 95AA4DA1639E86258EF877B526959860A34E0E9C44EED5CAC11D80006654EE90
  • _btfnuzhnjtx4t4426zrlbsd1mxu28nu
Cloud / SaaS Services Detected
Atlassian Anthropic JamF Mailgun Zscaler DocuSign

Leak Screenshot:

Leak Screenshot