IJM Corporation
IJM Corporation
Group: hunters
Discovered by ransomware.live: 2024-02-23
Estimated attack date: 2024-02-23
Country:
Description:
Country : Malaysia - Exfiltraded data : no - Encrypted data : yes
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 53
Compromised Users: 145
Third Party Employee Credentials: 53
External Attack Surface: 50
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- compliance_abuse webnic.cc
- reg_20382981 whoisprotection.cc
- adm_20382981 whoisprotection.cc
- tec_20382981 whoisprotection.cc
MX Records
- alt2.aspmx.l.google.com.
- alt1.aspmx.l.google.com.
- aspmx2.googlemail.com.
- ms46848456.msv1.invalid.outlook.com.
- aspmx3.googlemail.com.
- aspmx.l.google.com.
TXT Records
- google-site-verification=uzohPmFuixNuVWEoWLxQsfrsa_JWzW_qdN5CQKHxIMY
- _globalsign-domain-verification=7G4U0CRy9V5Ppu9XVm8l_fMfyIan08FvErLZuNkwuG
- v=spf1 include:_spf.google.com include:spf.protection.outlook.com include:_fps1.ijm.com ip4:20.5.80.155 ip4:20.5.82.25 ~all
- amazonses:aPS3ZYMunIiN2pKEJ3NIu1csktdH/dj4lsPOXTQPQck=
- apple-domain-verification=2X2fd0xicxYxhkm5
- google-site-verification=X_oF8ExYNTbyAS7Nm7aUxJN8mbkIul9kHeir3sMcS2c
- MS=ms46848456
- atlassian-domain-verification=ZUCkkJItSWDhxeS9AlHEpkN7xquXo512RGBJLhxkof5Ehn8Kc67JzG3l1iJXrkDT
Cloud / SaaS Services Detected
Apple
Atlassian
Amazon SES/WorkMail
Microsoft 365
Leak Screenshot:
