On Q Financial, LLC
On Q Financial, LLC
Group: bianlian
Discovered by ransomware.live: 2024-04-06
Estimated attack date: 2024-04-06
Country:
Description:
On Q Financial is a Mortgage Company specializing in new home financing and existing home refinancing.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 0
Third Party Employee Credentials: 1
External Attack Surface: 3
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- onqfinancial-com.mail.protection.outlook.com.
TXT Records
- google-site-verification=-UHUk53lEkPxviEz_zjR6vskLrKEonPRyXVKbVtxJic
- google-site-verification=f5-6T9li237Mta1Aq8d5SthUWHZbk623H6OfvI1lI0o
- google-site-verification=gYOswjnL6YhyP7Gfx557wnJRwGTGOWOSZBRFQwJ6KCI
- google-site-verification=ilYwrtuDNZ7Xed4E_m6B50e8-n2B9byIG_FXBbGUHzE
- google-site-verification=ltguMwpRqWeJPahCOK_0gYOMf-xh6thpaWrvgoBUwLk
- v=spf1 include:spf.protection.outlook.com include:sendgrid.net include:_spf.optimalblue.com include:spfa.mailendo.com ip4:173.243.135.62 ip4:66.85.152.66/26 -all
- wiz-domain-verification=c832f0226c16149a49cd857af3e8155831010efe24fce045b2ce4eb1d30c0ca0
- 8bab77pjfe0qfga1984co678dc
- MS=4095CF524CD642623FC64A148C0B558FD6E18D1A
- amazonses:9q+uF1BZbWUoFhIjOBXuQZsghBaNL5bzXiEu6udwGyM=
- amazonses:bTNpB94gf0u9v6vffe81GgV0pxGcfxj/sKmogD8TER8=
- apple-domain-verification=Lwcs7p6jNtjfK1kX
- asv=09e563ac6a2a84846de6d09e9a3f1ec0
- ca3-0ee0e1cf044b4ef996af1a559f485757
- dropbox-domain-verification=7ia98x3foac7
Cloud / SaaS Services Detected
Apple
Amazon SES/WorkMail
Box
Dropbox
SendGrid
Leak Screenshot:
