Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks


Group Play
Discovered 2024-06-23 21:17 UTC
Est. attack date 2024-06-10
Country US

Description:

United States

Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 0

Third Party Employee Credentials: 24


External Attack Surface: 2


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • 246a289b871eea3774230028c22765d3cbc86cd4cf82b41567cd5857fbcdd1bebelletire.com.whoisproxy.org
  • 246a289b871eea3774230028c22765d33fb1508d118626dc6357db6f895adf9fbelletire.com.whoisproxy.org
  • trustandsafetysupport.aws.com
  • 246a289b871eea3774230028c22765d3c193ea95bae63391c73b23e60ac525cbbelletire.com.whoisproxy.org
  • 246a289b871eea3774230028c22765d3806efe665659299cb9883e44c7421070belletire.com.whoisproxy.org
MX Records
  • belletire-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • 00D5e000000IgEh=1TBS600000005Nu
  • 00D5e000000IgEh=1TBS60000000DEz
  • MS=E58B0C86974613BA19CEDFE6F3151ABCFB4F866E
  • anthropic-domain-verification-2c8ybk=dlc6TFoLVV0WQSIHDx4UuaGBT
  • atlassian-domain-verification=jpthlraVfADTUScQ76gmakRWLMigReekFCxFw4xPh6asspA2hMcGUdmcaAa6ZmaX
  • cursor-domain-verification-smz704=RqNW2JiybHvi1WYWggJXmG7j2
  • duo_sso_verification=FWQ6f38RksOQnueyLIMGkefZQO94EsEHCiJOEbEzCuFsTDpc9qdgRy3dF62bqyjT
  • facebook-domain-verification=yjjnxl99xshjtkljg8echx7gbm48v6
  • v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all
Cloud / SaaS Services Detected
Atlassian Anthropic Cisco Duo

Leak Screenshot:

Leak Screenshot