
ENSTARGROUP.COM

Group: clop

Discovered by ransomware.live: 2023-06-29

Estimated attack date: 2023-06-29

Description:

Enstar Group


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 2

Third Party Employee Credentials: 1


External Attack Surface: 1



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • eu-smtp-inbound-1.mimecast.com.
  • eu-smtp-inbound-2.mimecast.com.
TXT Records
  • v=spf1 ip4:193.104.89.0/25 ip4:77.95.114.128/25 ip4:170.146.220.0/21 include:spf.protection.outlook.com include:spf.messagelabs.com include:eu._netblocks.mimecast.com -all
Cloud / SaaS Services Detected
  • Apple
  • Microsoft 365
  • Mimecast
  • DocuSign
