GRACE.COM
GRACE.COM
Group: clop
Discovered by ransomware.live: 2023-07-14
Estimated attack date: 2023-07-14
Description:
Home
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 43
Third Party Employee Credentials: 15
External Attack Surface: 7
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse key-systems.net
- abusereport key-systems.net
- info domain-contact.org
MX Records
- mxa-0072a401.gslb.pphosted.com.
- mxb-0072a401.gslb.pphosted.com.
TXT Records
- mpdu66jqpkjprvk3lq1dhhmqge
- 0f312a72-23a0-4938-8466-22e9e3c25bd1
- 61eabda9-1238-42bd-b8c1-37f5edf1e54d
- apple-domain-verification=L8Jbzs85UCNnaQ6F
- sqExEFZz300nw904a9-Zb-48SR7F7VvGmJZ-jWmBfh8
- knowbe4-site-verification=cf0f3697fa89eda4bab171a85985276d
- google-site-verification=1HeESBg9qJ1D-MLqtuZUYT5r9wkrA8J_Q0eNiwkL-9U
- google-site-verification=VMPRgSBGUJ7LtY8EUKj_YcwrA8U5Gvd9fV_W8BRc3rY
- pardot709933=b4a061339452b6a8303760f99f9bc28e399a0d14b9b660765bf97ae7d6df9cb9
- KmJTQLMCY6yui5jWW5CfexeTMIHwglb/IHvYsuKQT87Bgn9VozUnpkPwDgujtURnthuWrIxQxGUScTlbGesKcg==
- paloaltonetworks-site-verification=fa90ebbd44f90ac5c1d16b4e23993b4c34a8e988d50f56a65c00d1f4ae4081b0
- v=spf1 +mx ip4:65.207.73.137 ip4:65.207.73.138 ip4:205.220.182.57 ip4:205.220.170.57 include:spf.protection.outlook.com include:aspmx.pardot.com include:_spf.salesforce.com include:mailgun.org -all
- MS=ms77799138
Cloud / SaaS Services Detected
Apple
Microsoft 365
Salesforce
Mailgun
KnowBe4
Leak Screenshot:
