Concord
Concord
Group: Play
Discovered by ransomware.live: 2024-10-15
Estimated attack date: 2024-10-15
Country:
Description:
United States
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 4
Third Party Employee Credentials: 4
External Attack Surface: 0
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse gcd.com
MX Records
- concord-com.mail.protection.outlook.com.
TXT Records
- CF57D1CC04
- MS=ms22806873
- apple-domain-verification=1swTqydU2U9LhckG
- wiz-domain-verification=b9a1d4343d3700b8e3019d78881253786b3e4779c417508d7d25c670ce8f40fb
- C0O1N14100
- v=spf1 include:spf.protection.outlook.com ip4:166.90.117.104/29 ip4:12.7.184.165 ip4:12.180.8.90 ip4:98.153.109.210 ip4:34.205.237.204 ip4:34.138.22.0 ip4:23.21.109.197 ip4:23.21.109.212 ip4:147.160.167.0/26 ip4:205.201.128.0/20 ip4:198.2.128.0/18 ip4:148" ".10" "5.8.0/21 ip4:166.78.70.136 ip4:54.240.48.0/24 ip4:149.72.231.47 ip4:168.245.106.99 include:_spf.sendergen.com include:_spf.regroupcloud.com include:sendgrid.net include:_spf.salesforce.com include:spf.mandrillapp.com include:_spf.createsend.com include:ma" "il.zendesk.com -all
- klaviyo-site-verification=JX8MLg
- airtable-verification=9d13f31075a3de3342729de5f2856b99
- atlassian-sending-domain-verification=61fdbb80-0995-4225-be16-7885e7f1ec04
- docusign=bd99e322-50c7-42d4-b0a7-300a32028ce9
- amazonses:Mv2aqaEBuRDTPS4NyOGUJUNGN7v6JAE4iUafr4YgAIg=
- klaviyo-site-verification=TDVh8j
- dropbox-domain-verification=t326yihgyplk
- ZOOM_verify_QcFFkqM2z2b1BZRES9sSm9
- smartsheet-site-validation=eDbAMX2BtzHDbgF4FqILs0y0108rZ8iC
- atlassian-domain-verification=AESsxwt7JNsYySbta2Hng4bWyQaPFjyAKhoXera5Doz7hWOJU4I8yRNG0PDUZYZX
Cloud / SaaS Services Detected
Apple
Atlassian
Amazon SES/WorkMail
Dropbox
Microsoft 365
Salesforce
Box
Mandrill
SendGrid
DocuSign
Zoom
Leak Screenshot:
