Electronics For Imaging
Electronics For Imaging
Group: hellcat
Discovered by ransomware.live: 2025-03-17
Estimated attack date: 2025-03-17
Country:
Description:
We hold 19GB of sensitive files from Electronics For Imaging, Inc., including critical corporate data that could jeopardize the company's operations, client relationships, and reputation if released publicly.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 34
Compromised Users: 624
Third Party Employee Credentials: 25
External Attack Surface: 143
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abusecomplaints markmonitor.com
- whoisrequest markmonitor.com
MX Records
- efi-com.mail.protection.outlook.com.
TXT Records
- MS=ms55878196
- duo_sso_verification=NJ1kibh0cMqjIGOhqVJL8NqGWp78Wfah3qw5okJiQTkjHZ5Ir9SYXGmnMQjPk3K0
- Sw1hPS2lQMNwy9Gp3YcMJBqKfo6skfBK5wCAukrLhwj5tM6G/hBW/Aay1rnob5HMDeVSedgeRgWgmhYCchwYzQ==
- v=spf1 include:spf1.efi.com include:_spf.salesforce.com include:spf.protection.outlook.com include:mktomail.com include:_spf.psm.knowbe4.com include:spfa.cpmails.com ~all
- pzck8j666yg2znb0vw0q7pftdlc9dz7t
- atlassian-domain-verification=uabAywbH990y7DSLpuCCjuM1tiFjrgCihYRWCZBmnaoVk1PcOanT0aXFEG242Qb0
- google-site-verification=0_eZVR60mLvoFCHtdIeOzww_hO7PYwmX-RiufmQN-is
- cisco-ci-domain-verification=1b1171716c9e6d07ec808d1fde88a8230bd00c4d0c31a2f43bafdf1ee9e43ae9
- adobe-idp-site-verification=f3746c276474c691370f820be4bd2a30d9cd44da535b200a6ed312622a10d0e2
- webexdomainverification.4C675B8771E1B136E053AB06FC0A3F65=42a1b475-2d14-4b28-b039-9e91ffc57db2
- amazonses:MAQZE7+h/PzMd0IFVZ/3eJ1XP4uEKD4Njy3c5gGhiJU=
- jt8cg3gpvcbdsf937s6gl7ecbr
- 3ks7vntqdbckxdqg9hhv8xb3kq9yjcwk
- cqdc1mkd2n1mm410cds1y1ydz8xwy7wn
Cloud / SaaS Services Detected
Adobe
Atlassian
Amazon SES/WorkMail
Microsoft 365
Salesforce
Marketo
KnowBe4
Cisco
Cisco Duo
Cisco Webex