BMW Алдис
BMW Алдис
Group: malas
Discovered by ransomware.live: 2023-04-09
Estimated attack date: 2023-04-09
Description:
using Zimbra vulnerability
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- mx2.hc324-48.eu.iphmx.com.
- mx1.hc324-48.eu.iphmx.com.
TXT Records
- MS=ms55083425
- wiz-domain-verification=2571e83621dca3f606c3fd4bedd8cef9bc52af789f348c55e7cada9bcbdc7791
- xb4vsm2k8p7kh17fhjf3hcr593bllf63
- brevo code: 5a69ccf2dd3a7bc1ff89aecae02fa1ba
- google-site-verification=7qhHl1QEE0eXqplmX6Fyvn6NlQMKseN4ScxwyjqSNM8
- webexdomainverification.=30df38a5-6fc4-4b16-85a4-c52cd45e1740
- webexdomainverification.=dc6328a3-9618-44e7-8569-95a5c6118407
- webexdomainverification.=4c5b1d7e-e1b7-43e2-9587-901191bcdab4
- google-site-verification=y48_Huwdcv0YgVkAv4d-hd7WFAjJtr_tn9FH-vjUu34
- 4996ceae-a56f-4270-877a-6434650eaa1a
- cisco-ci-domain-verification=77c5ff0ea7e9edf0c6bca294ff8ba9a2342ad0de45a960a21631fb9b1f1f03db
- IjFiuUOj36RbwTO8cBQddNhQgCOFQ9ZWYisbdZ4T9aI=
- _globalsign-domain-verification=Bg6RK_AQsh0j4FYIDmqripBhaDLJv1OEpNYW-fCfqV
- _globalsign-domain-verification=7K67NoJHKSxuL2KsQVatK9FvHj28XGsIRqaJyy27pY
- atlassian-domain-verification=tH2LhIuI8YV9tLrL3RpNDPKBrBnLILxDAowQt8J1igpJNPKIK2a4uGhBaLuymeDh
- bw=v4xoqexo2ugAIXVT1hrePr6lKOBtWdCjjn2dPoipHKjA
- google-site-verification=cbI25QNli6OEtZxKtPDv0glH3A0SkB-nWQ-aZt8Tr9E
- facebook-domain-verification=7qshqm5nhxp077vc3pjcuzh8prtzzf
- Dynatrace-site-verification=b7c1e591-49bf-46db-aea0-4ba1064710cc__h9acrq10pl6aodc853ofh936se
- google-gws-recovery-domain-verification=55334320
- swisssign-check=i7aNotoi5s_BjBa7Qz_Y-X-XMHI
- v=spf1 exists:%{i}.spf.bmwgroup.com include:servers.mcsv.net include:_spf.salesforce.com include:elaine-asp.de -all
- adobe-sign-verification=15bb0cf14babc7e7f78038ee6a1fcdb9
- google-gws-recovery-domain-verification=54945363
- MS=ms60515415
Cloud / SaaS Services Detected
Atlassian
Microsoft 365
Salesforce
Cisco
Cisco Webex
Leak Screenshot:
