CUANSWERS.COM

Group: clop

Discovered by ransomware.live: 2023-06-15

Estimated attack date: 2023-06-15

Description:

Home - CU*Answers


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 11

Third Party Employee Credentials: 0


External Attack Surface: 3



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse misk.com
MX Records
  • corpmail.cuanswers.com.
TXT Records
  • google-site-verification=grTgupnAGYdTsERitntU4tAzjr9waSf2m6VG0KtqnKc
  • tph0pp1dc0brgsu4rvdh89ff6
  • 7e34mp0fm6k84u9jofegp8t7hd
  • v=spf1 a mx " "ip4:63.150.21.0/24 ip4:63.236.240.0/24 ip4:63.239.100.0/24 ip4:216.206.109.0/24 ip4:216.111.149.128/25 ip4:104.36.51.0/24 ip4:104.36.52.0/22 " "include:spf3rdparty.cuanswers.com include:spf.constantcontact.com include:spf.mandrillapp.com " "include:spf.myconnectwise.net include:cuanswers-com.spf.smtp25.com include:spf.zixport.com -all
  • duo_sso_verification=hlceLhRjSrFyKKYsVv2If2l2erO9JZX6ZJhkJRbpzG1jePpX3FQPdaaIT5TA4QyM
  • MS=ms13974280
  • bEP5c9wq7fKnZj7dc+esPA==
Cloud / SaaS Services Detected
  • Microsoft 365
  • Mandrill
  • Cisco Duo
