Altipal

Group: dragonforce

Discovered by ransomware.live: 2024-05-13

Estimated attack date: 2024-05-13

Country: CO

Description:

Marketing and distribution of leading brands in the market, accompanied by a team of extraordinary, passionate, committed and enterprising people.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 70

Compromised Users: 23

Third Party Employee Credentials: 34


External Attack Surface: 24



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • alt1.aspmx.l.google.com.
  • aspmx2.googlemail.com.
  • aspmx5.googlemail.com.
  • aspmx3.googlemail.com.
  • aspmx.l.google.com.
  • aspmx4.googlemail.com.
  • alt2.aspmx.l.google.com.
TXT Records
  • atlassian-domain-verification=BcsHd2sOQoB3HtuhJ6t0FdQSDoENVdvineodmvWzurZ0vN5jMsRx27Gz9YhAtvRt
  • facebook-domain-verification=kxuy0awg0s7354r1j36xy2nu7kuk5f
  • google-site-verification=3qh6n0GMlUMNyLuM9jmkoQTac_hL8fwfxz0R_1OO8yc
  • v=spf1 ip4:190.217.22.0/26 ip4:23.111.128.126 ip4:190.144.195.121 ip4:190.144.218.17 ip4:34.73.245.254 ip6:2604:4500:0:64a:ec4:7aff:fe6c:ae10 include:_spf.google.com include:_spf.salesforce.com ~all
  • atlassian-sending-domain-verification=689102c9-f617-40b5-8970-551c8ee4b5be
  • cisco-ci-domain-verification=3cd946bc2ecc8ed7933817841abb6677a50f8c5589377338d224787bcd0c7946
  • google-site-verification=s7Lw7d6WLsZ8cUImmQ7u4FGir-THdL4-cm66cgW6qHQ
Cloud / SaaS Services Detected
  • Atlassian
  • Salesforce
  • Cisco