Blue Planet
Blue Planet
Group: fog
Discovered by ransomware.live: 2025-03-06
Estimated attack date: 2025-03-05
Data exfiltrated: 180 GB
Description:
Extract from The 19 biggest gitlabs
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 1
Third Party Employee Credentials: 1
External Attack Surface: 7
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- mxa-00103a01.gslb.pphosted.com.
- mxb-00103a01.gslb.pphosted.com.
TXT Records
- facebook-domain-verification=bo37bxthrb0413pvjc7lj4sy1jezji
- google-site-verification=dPyynkTuvaGcKoiJrFZ5K5tc0yrjPswDCfpWmXlvcwo
- google-site-verification=pMS-A_ODJN5iAyKsWdNPWn1ZfqgcyVicaMU4vvcTXoo
- miro-verification=1669f9fbb641794a54eddb964bd1fe572e89959c
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
- adobe-idp-site-verification=034210a15b8e70e227fdf3fe74f1c7f7781ba62892475a6977d4787a8b2c74c1
- atlassian-domain-verification=RPsyuqOa19vjyzRBqf4i+0PK0yjbRTK/rieRabLpFh5hIjSt2UuqLCYYnnuhczWU
- docker-verification=91caf02d-2a4e-4660-bab6-2dc25cb1ca19
Cloud / SaaS Services Detected
Adobe
Atlassian
Miro
Proofpoint
Leak Screenshot:
