Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

AUROBINDO.COM

aurobindo.com

Group Clop
Discovered 2022-12-22 20:02 UTC
Est. attack date 2022-12-22

Description:

Pharmaceutical Manufacturing and Exports, Research and Development in Pharma – Aurobindo Pharma

Infostealer activity detected by HudsonRock

Compromised Employees: 17

Compromised Users: 1

Third Party Employee Credentials: 25


External Attack Surface: 6


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • lakshman.nallaaurobindo.com
  • raghureddyAUROBINDO.COM
  • abuse-contactpublicdomainregistry.com
MX Records
  • mail.aurobindo.com.
TXT Records
  • d5f6sj8u4llsfu3u155t5vjeoq
  • duo_sso_verification=eDQUC7kEzcqYRZXGebZi6blhrSpbYvBkfxyJsAFBnrlxefHePfJf8qx4UHQIIrEd
  • google-site-verification=0RzEzS6JFnILCv7-6vrfA46JwiJBpH12XUGgpS0uP7E
  • v=spf1 ip4:125.17.120.136 exists:%{i}.spf.hc6377-9.iphmx.com include:spf.protection.outlook.com -all
  • zoho-verification=zb84851850.zmverify.zoho.in
  • MS=ms73175255
  • OZX6SUkGIsryi374tzpsNCA2kdBgeJ1Mpxr2KqTKMouv8Fg5r3iwAVq2risSZkTU3eSfpZpb8O5O1H/7hPgnbA==
  • RXxdSVfDm2D632i1bzE3bokepZLSfi2Ihh2QYGZRb940rPEUiNhk0++OkklXvl+7dbhvjjwisM1aXBe7PdpEtQ==
Cloud / SaaS Services Detected
Microsoft 365 Zoho Campaigns Cisco Duo

Leak Screenshot:

Leak Screenshot