DOREL Industries

Group: blackbasta

Discovered by ransomware.live: 2023-04-23

Estimated attack date: 2023-04-23

Country: CA

Description:

Millions enjoy Dorel Industries products daily. Our juvenile brand is recognized globally by consumers for safety, comfort, innovation and fun. Established in 1962, Dorel creates style and excitement in equal measure to safety, quality and value. The Company’s safety and lifestyle leadership is pronounced in both its Juvenile and Home categories with an array of trend-setting, innovative products. Dorel Juvenile’s powerfully branded products include global juvenile brands Maxi-Cosi, Quinny and Tiny Love, complemented by regional brands such as Safety 1st, Bébé Confort, Cosco and Infanti. Dorel Home markets a wide assortment of both domestically produced and imported furniture products, principally within North America. Dorel Industries Inc. has annual sales of US$1.7 billion and employs approximately 4,200 people in facilities located in twenty-two countries worldwide.

SITE: https://www.dorel.com

Address: 255 Greene Avenue, Suite 300, Westmount, Quebec, Canada H3Z 2A4

Tel: +1 514 934 3034



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • mxa-005fee01.gslb.pphosted.com.
  • mxb-005fee01.gslb.pphosted.com.
TXT Records
  • spf2.0/pra mx include:spf-005fee01.pphosted.com include:spf.protection.outlook.com include:mail.zendesk.com include:_spf.getresponse.com include:awii.dorel.com ip4:62.233.106.194 ip4:167.89.73.249 ip4:71.14.240.66 ~all
  • v=spf1 include:zcsend.net include:spf-005fee01.pphosted.com include:spf.protection.outlook.com include:mail.zendesk.com include:_spf.getresponse.com include:_spf.atlassian.net ip4:66.219.19.197 ip4:62.232.106.194 ip4:167.89.73.249 ip4:71.14.240.66 ip4:205.202.173.213 ip4:212.98.79.58 ip4:204.14.234.64/28 ip4:204.14.232.64/28 ip4:182.50.78.64/28 ip4:96.43.144.64/31 ip4:96.43.148.64/31 ip4:23.21.109.197 ip4:23.21.109.212 ip4:147.160.167.0/26 ip4:67.231.152.177 ip4:208.84.65.220 include:shops.shopify.com ~all
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Microsoft 365
  • Shopify
  • Zendesk
  • Zoho Campaigns
  • Cisco Duo
  • Proofpoint
