AQIPA
AQIPA
Group: alphv
Discovered by ransomware.live: 2023-11-29
Estimated attack date: 2023-11-29
Description:
As a result of an attack on the corporate network of AQIPA.com, we obtained hundreds of gigabytes of data: - trade secret information (NDAs, lists of clients with full information about them, current and future projects of the company, development strategies and plans) - personal data of employees and clients (passports, insurance, driver's licenses; login data for personal accounts, social networks and messengers, etc.); - information disclosing the peculiarities of operation - non-public reporting documents concerning finance, management, HR, etc.
DNS Records:
The following DNS records were found for the victim's domain.
- abuse key-systems.net
- abusereport key-systems.net
- info domain-contact.org
- de-smtp-inbound-1.mimecast.com.
- de-smtp-inbound-2.mimecast.com.
- cjwbEfgXRyGUOeYcCwozQZtDKVZhxNU4iESAY5l0wrpcP4mNSQphUzwIvGzqhapB1j9QcvOux7+iphjmMiAN/A==
- cisco-ci-domain-verification=3662d9ac29bbeda9695248e4a72085ae97adafb5460593b89b9f876a15862004
- @=0ed1fe018a10406c99e1dc41b1ad0844c711672ec9
- atlassian-domain-verification=j8UMIADO1YAdw1J05K9LWHmq1bkUYeUqjq2n532riPj09kW4nwO18nocd8H3H7iS
- MS=8FBB2240613AD39BF3CB7E7DB024CAF75A2EE482
- google-site-verification=dU5pTCPESZMyoB8_Y6PL3v_mqsHrF_0scwpjBaEcGGU
- v=spf1 include:de._netblocks.mimecast.com ip4:91.112.104.200/32 ip4:83.219.167.76/32 ip4:83.175.124.116/32 ip4:83.219.167.68/32 include:_spf.atlassian.net include:spf.protection.outlook.com -all
- offensity-domain-verification=e09312250d3485594eee5009328063c92927a09aa7f7a576cddc40028f1ad1da
- 0ed1fe018ac2938448572e4b3d9c9212f67d71c748
- atlassian-sending-domain-verification=457b6bb4-b1aa-4109-bd95-f0b6d0039853
Leak Screenshot:
