Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Engine Power Source

Group: lynx

Discovered by ransomware.live: 2025-01-30

Estimated attack date: 2025-01-30

Country: US

Description:

We have over 1TB of critical data, including personal employee and partner information. However, EPS management has shown complete indifference to this situation. EPS has 72 hours to respond, or the full list of data will be made public.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • mx2-us1.ppe-hosted.com.
  • mx1-us1.ppe-hosted.com.
TXT Records
  • ppe-3c5c49e64717afac65be2205a1da48b0e70dce89
  • MS=ms40667135
  • cisco-ci-domain-verification=21c942ec5c703eeebdae4bb14a6b770fde3b43ed6b7ffd5194292bee9e9e5996
  • google-site-verification=hPMRYGcle-s2qJFIQRDRGuWPpNZ3BlVr5mhfEfgAhQs
  • duo_sso_verification=8i5BcILdoFLVkBubzJ43dhfHgLFk03aP9VuI3VfPTRQc2nHrQGaKpeQ29mI7bTVk
  • ZOOM_verify_Uoj78pZw2LAZCQDyvqnj7A
  • v=spf1 include:spf.protection.outlook.com a:dispatch-us.ppe-hosted.com ~all
Cloud / SaaS Services Detected
Microsoft 365 Cisco Cisco Duo Proofpoint Essentials Zoom

Leak Screenshot:

Leak Screenshot