
ICSYSTEM.COM

Group: clop

Discovered by ransomware.live: 2023-06-16

Estimated attack date: 2023-06-16

Description:

Debt Collection Services & Solutions - IC System


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 21

Third Party Employee Credentials: 0


External Attack Surface: 9



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • icsystem-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 ip4:66.162.227.135 ip4:66.162.227.230 ip4:209.240.94.7 ip4:199.122.124.59 mx:mail.icsystem.com include:aspmx.pardot.com include:spf.protection.outlook.com include:_spf.salesforce.com ~all
Cloud / SaaS Services Detected
Salesforce
