KaDeWe
KaDeWe
Group: play
Discovered by ransomware.live: 2023-11-15
Estimated attack date: 2023-11-14
Country:
Description:
Germany
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 19
Third Party Employee Credentials: 0
External Attack Surface: 7
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- No emails found.
MX Records
- kadewe-de.mail.protection.outlook.com.
TXT Records
- google-site-verification=Yesw4Q-aXzl4OoGkTbIW66U1QfzBcGFNZ0kSliAQEEI
- apple-domain-verification=VhTTmgny0M24icj1
- v=spf1 ip4:51.116.154.224 ip4:51.116.235.221 ip4:51.116.168.97 ip4:51.116.171.167 ip4:51.116.168.107 ip4:51.116.239.135 ip4:51.116.168.105 ip4:51.116.171.219 ip4:51.116.168.114 ip4:51.116.171.171 ip4:194.8.120.225 ip4:194.8.120.226 ip4:193.99.77.61 ip4:19" "3.99.77.58 ip4:80.237.177.100 ip4:5.35.248.249 ip4:5.35.248.177 ip4:217.110.74.34 ip4:20.93.210.170 include:_spf.salesforce.com include:spf.protection.outlook.com include:spf.mailjet.com ~all
- k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWiS7lX6G6Ra3bgohY0kwfXLeyqQLo9uC8BvMtgMO2Stkehuc5Yx5meL/QPmWfCbcHfJU9amcHs6z427/faiVraqnpFLZVTHi3+2wN4s7Dgw31gRDx80k+qgUnVGseM0B0n4F3UeKMdjsQ+6O7sfvy+V4zsYPZz/bFWWeNY11X+QIDAQAB
- figma-domain-verification=60d1b4a25b06c9e1ec1a94156c52c8cf9725de8cb4f47e220d86ffd5985ae1da-1722584360
- teamviewer-sso-verification=b0971f43ae9c4ad48a2c67c096e050c9
- 1password-site-verification=PO47VZM6KFEJ7KFJ4TT4DPQUP4
- google-site-verification=S8QOZu02Y1OWQ2I3IAw9Pi2aGq-TpIKt_fT9XNY8LKg
- kLg605H1G+29rScw5UN77EcY+H/XFicxMpTapwxFnTdW7eQ8jiUWLCKleS4kvGDFoFj38JVHy4Np0aQLcTVD6w==
- atlassian-domain-verification=34KsnBaMbW4GPzuG4hLtrKiNxaSiDJygUfGpXMShLdzF71cg/eY/dD6LsiBjphES
Cloud / SaaS Services Detected
Apple
Atlassian
Salesforce
Teamviewer
Mailjet
Leak Screenshot:
