Air Canada
Air Canada
Group: bianlian
Discovered by ransomware.live: 2023-10-11
Estimated attack date: 2023-10-11
Country:
Description:
Air Canada is Canada's largest airline and the largest provider of scheduled passenger services in the Canadian market, the Canada-U.S. transborder market and in the international market to and from Canada.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 6735
Third Party Employee Credentials: 2
External Attack Surface: 100
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- 30849360.in2.mandrillapp.com.
- 30849360.in1.mandrillapp.com.
TXT Records
- v=spf1 include:mailgun.org include:spf.mandrillapp.com include:spf.protection.outlook.com include:_relay.amadeus.com ip4:64.7.120.0/24 ip4:80.231.134.0/24 ip4:216.52.91.239 ip4:74.121.165.168 ip4:74.121.165.169 ip4:184.73.173." "20 ip4:82.150.225.79 ip4:75.98.19.76 ip4:216.71.129.12 ip4:216.71.132.12 ip4:216.71.129.14 ip4:216.71.132.16 ip4:216.71.133.86 ip4:216.71.129.191 ip4:52.40.7.215 ip4:50.112.40.214 ip4:171.17.133.140 ip4:34.216.216.22 ~all
- sending_domain1014382=143d620760db9354f5f4c78a2d303561d7f45b21e8a76b85c8c9cd1446ecad1f
- 2l49m6wpnp1z9f73wjdxvwjgd2ncc79c
- pardot538133=dfe8e409913242af4bcac56dc70cca85992832f4a0bf17290ab4ea04068f1aac
- sending_domain538133=62f5b847cc172bccab52fb7b2c05f57babd358b9a567acba758e3da1adf6c1c5
- pardot1014382=1a60e433e83cee62786f3032a4b9a1cf77b5cb80126d47a33a6a23e24a15053f
- facebook-domain-verification=qdit6bufa56nas6nf2g4blgxc5mc7v
- if4jonuej7p1f624hhjj8i8mvb
Cloud / SaaS Services Detected
Salesforce
Mailgun
Mandrill
Leak Screenshot:
