Drivestream
Drivestream
Group: akira
Discovered by ransomware.live: 2025-01-07
Estimated attack date: 2025-01-07
Country:
Description:
Drivestream is a management and IT consulting firm specializing i n migrating the enterprise business processes of large and medium sized businesses to the Cloud. We are ready to upload more than 80 GB of private corporate docum ents including: SSNs, family contacts, contact numbers and e-mail addresses of employees and customers, driver licenses, passports etc.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 5
Compromised Users: 3
Third Party Employee Credentials: 5
External Attack Surface: 11
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- drivestream-com.mail.protection.outlook.com.
TXT Records
- v=spf1 include:spf.protection.outlook.com include:460601.spf04.hubspotemail.net include:transmail.net.in include:18bh90ng6.spf.checkpoint-spf.com ip4:49.249.229.210 ip4:152.52.167.94 ip4:115.242.182.198 ip4:208.64.159.51 ~all
- atlassian-domain-verification=ZrPeWJBWAhpDMtwOsFwp0ff52T0xZ04iWaVSqCGRqaxJSgebnSRptWW2Cai62fGQ
- zoho-verification=zb20570044.zmverify.zoho.in
- vb3ilhvuhr8mbr7t7vah7ip102
- google-site-verification=iOEg4M1Vv64ZAMSVBbNpj3lfs4xx-QMnLHc0Vw7iY7o
- duo_sso_verification=qOsQ3gkktElXZciDEz6Hf2UY4HopI65j1ZKyYCVwQb7RuIlKpmZEQ7efwShy3U7v
Cloud / SaaS Services Detected
Atlassian
HubSpot
Zoho Campaigns
Cisco Duo