Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo DELARUE.COM

Group: clop

Discovered by ransomware.live: 2023-07-06

Estimated attack date: 2023-07-06

Description:

De La Rue - Currency and Authentication Solutions


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • delarue-com.mail.protection.outlook.com.
TXT Records
  • i5SoPoOY4J+gwyuF1R2swImNdydB7rV34HhDgUpf7+VeFthmQy4sAJekq34u498tzisUY3PnAoDLqve9TTk23A==
  • 7357f62a-2b02-4a5d-a679-d9daa827f5aa
  • 48bf4412-309d-4515-b51e-8d14eb95e6db
  • google-site-verification=6cwHIOjJFFhU-5zHkJzs3RHWJJ1KUXDq0bMcpC0VFew
  • google-site-verification=ZVNQESowTam7DmvS4pBocENKoCA8GxtLnL9vXAW0W88
  • FUa64ffRcygeFO63f7uHwKZgZasUsaX2W/ZBYYCLRWi66yU4vCZyMpbZuZSBXAu4BA0dRJ/VZdbYQs5idOTNyw==
  • v=spf1 ip4:31.221.59.168/29 ip4:31.221.64.192/26 ip4:146.177.11.97 ip4:151.253.187.9 ip4:151.253.188.121 ip4:20.49.129.218 ip4:31.221.71.216/29 ip4:20.49.133.65 ip4:20.49.169.246 ip4:20.49.175.59 ip4:20.50.106.248" " ip4:205.182.146.107 ip4:212.187.238.50 ip4:31.221.59.170 ip4:212.187.238.70 ip4:212.187.238.99 ip4:5.42.237.242 ip4:51.143.236.194 ip4:5.42.236.17" " ip4:52.212.19.177 ip4:52.17.62.50 ip4:94.203.46.167 ip4:3.252.108.176/28 ip4:13.39.103.16/28 ip4:89.237.182.170 ip4:168.245.49.92 ip4:192.254.125.237 include:spf.protection.outlook.com include:ppb.worldline.com" " include:mail.zendesk.com include:2752422.spf08.hubspotemail.net -all
  • miro-verification=404f0923ab2ae763aa49ca7138f5c2823d09b2a7
  • atlassian-domain-verification=OKa4lHwQvaeISQwIa4l9wsniwaTK6yL1j9xGSydW9jhsERRdYlpxas9pM5MMeZ17
  • _1fowp8lm052b58kcpmmt5k6o9wfggx3
  • google-site-verification=jPbvv-XyXTw22yIAnS-N8RJGuU04fUwPORqDRxR4cwM
  • apple-domain-verification=PBz3IUPrQAIkmCIW
  • MS=ms20404592
Cloud / SaaS Services Detected
Apple Atlassian HubSpot Microsoft 365 Zendesk Miro

Leak Screenshot:

Leak Screenshot