Belle Tire
Belle Tire
Group: play
Discovered by ransomware.live: 2024-06-23
Estimated attack date: 2024-06-10
Country:
Description:
United States
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 0
Third Party Employee Credentials: 24
External Attack Surface: 2
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- trustandsafety support.aws.com
- 62a5b138-c8f2-417b-8e7d-14e5655dc9f3 identity-protect.org
MX Records
- belletire-com.mail.protection.outlook.com.
TXT Records
- v=spf1 ip4:50.173.129.42 include:spf.protection.outlook.com include:amazonses.com include:_spf01.mykronos.com include:_spf.psm.knowbe4.com include:mailgun.org ip4:216.46.93.237 ip4:216.46.96.238 ip4:216.46.96.239 ip4:12.104.201.5 -all
- MS=E58B0C86974613BA19CEDFE6F3151ABCFB4F866E
- atlassian-domain-verification=jpthlraVfADTUScQ76gmakRWLMigReekFCxFw4xPh6asspA2hMcGUdmcaAa6ZmaX
- duo_sso_verification=FWQ6f38RksOQnueyLIMGkefZQO94EsEHCiJOEbEzCuFsTDpc9qdgRy3dF62bqyjT
- facebook-domain-verification=yjjnxl99xshjtkljg8echx7gbm48v6
Cloud / SaaS Services Detected
Atlassian
Amazon SES/WorkMail
Mailgun
KnowBe4
Cisco Duo
Leak Screenshot:
