Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Hirsh Industries

Group: ransomhouse

Discovered by ransomware.live: 2024-04-24

Estimated attack date: 2024-02-24

Country: US

Description:

Hirsh Industries has operated continuously since 1924, when it began as the W.P. Johnson Company which specialized in metal fabrication. In 1989 the company changed its name to SteelWorks and continued to grow as the leader in filing products. In 1999 the company took on the name Hirsh Industries as the primary product lines expanded to include commercial grade filing and shelving items, along with a broader assortment of small and home office file cabinets.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • hirshindustries-com.mx1.arsmtp.com.
  • hirshindustries-com.mx2.arsmtp.com.
TXT Records
  • MS=508383831520B2F817E44A5131DCF6A8952005D9
  • slack-domain-verification=xpwE7tsQozEykU3PSKsCf3l0OsyHCzYdbd3q99Vw
  • v=spf1 a mx include:spf.protection.outlook.com ip4:216.71.148.37 ip4:65.153.171.242 ip4:65.153.171.251 ip4:71.185.229.212 ip4:71.185.229.214 ip4:68.232.157.117 ip4:201.140.157.161 ip4:45.55.32.117 ip4:52.204.162.147 ip4:18.208.104.22 ip4:173.78.79.248 ip4" ":50.201.198.113 include:globalreach.com include:_spf.salesforce.com -all
Cloud / SaaS Services Detected
Salesforce Slack

Leak Screenshot:

Leak Screenshot