City of Modesto, CA
City of Modesto, CA
Group: snatch
Discovered by ransomware.live: 2023-03-27
Estimated attack date: 2023-03-28
Description:
Proudly serving, protecting and partnering with our community for a safer Modesto.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 2
Compromised Users: 11
Third Party Employee Credentials: 2
External Attack Surface: 19
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mxb-00873e01.gslb.pphosted.com.
- mxa-00873e01.gslb.pphosted.com.
TXT Records
- google-site-verification=2rDIQrBnpreX1Cwxp00oAHTsPOliqY6_2WU5gL76FVY
- s77c1hcfmr5rjb7yc5lbh0lq5zyn9mgr
- v=spf1 a mx ip4:148.163.153.133 ip4:148.163.149.159 ip4:23.21.109.197 ip4:23.21.109.212 ip4:208.90.188.0/22 ip4:207.38.72.0/21 ip4:147.160.167.0/26 ip4:192.196.0.0/24 ip4:162.246.160.48/28 ip4:207.212.199.68 ip4:207.212.199.92 ip4:207.212.199.93 ip4:74.11" "4.66.241 include:spf.protection.outlook.com include:zohomail360.com ~all
- apple-domain-verification=UXfWtivJqphnqLzn
- MS=ms86136601
- docusign=d5b6b704-4842-499d-982b-1804d9c1dcdf
- google-site-verification=vLSqRPf8o3QYsYM-fM8bpVsUfVpMxrqR_Cl5IXEw0s4
Cloud / SaaS Services Detected
Apple
Microsoft 365
DocuSign
Leak Screenshot:
