Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo City of Newburgh

Group: blackbyte

Discovered by ransomware.live: 2024-06-22

Estimated attack date: 2024-06-22

Country: US

Description:

City of Newburgh

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 0

Third Party Employee Credentials: 1

External Attack Surface: 1


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • ncrispino cityofnewburgh-ny.gov
MX Records
  • cityofnewburgh-ny.gov.mx2.rcimx.com.
  • cityofnewburgh-ny.gov.mx3.rcimx.com.
  • cityofnewburgh-ny.gov.mx1.rcimx.com.
TXT Records
  • MS=ms82774316
  • duo_sso_verification=osiPxuDG4zzJ4RxfpLazsTXcA1GBQuePKRIYNAvBWZxsJMLKQ5iVX7SUrS6Z1iTc
  • v=spf1 include:spfa.cpmails.com ip4:208.80.200.0/21 ip4:64.72.89.41/32 ip4:131.239.97.38/32 ip4:144.121.64.248/29 mx a:mail.cityofnewburgh-ny.gov include:rcimx.com include:_spf.google.com include:spf.protection.outlook.com -all
  • DeOBAalQ3jGpJv/F3qPaiJleBTUd84JwHFhs7L8u0FZHLKo0H3kC7fKJax8ycMtS9snknQFg2yTlOCbxy9mQeA==
Cloud / SaaS Services Detected
Microsoft 365 Cisco Duo