Operative
Operative
Group: play
Discovered by ransomware.live: 2025-05-12
Estimated attack date: 2025-05-12
Country:
Description:
United States
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 11
Compromised Users: 1
Third Party Employee Credentials: 7
External Attack Surface: 42
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- operative.in.tmes.trendmicro.eu.
TXT Records
- miro-verification=4061219774f92225218729fcfc1bc42ce83efcae
- mongodb-site-verification=NB7uxqw94eX92xoTWQHvD7stMf1khXvM
- new-relic-domain-verification=b545164a5d1042a698df27e131825c23
- onetrust-domain-verification=f46a71c798fa4dffbee1700079e75b77
- v=spf1 include:spf.protection.outlook.com include:spfip.operative.com include:spf.tmes.trendmicro.com include:spf4.operative.com include:spfip2.operative.com include:_spf.salesforce.com -all
- MS=ms63648900
- adobe-idp-site-verification=74087bfa3adc4fbec29403f83eedc28fa9af1cfe2af45bef154ec4b901df4995
- apple-domain-verification=NUOMSnzxycNMMKNX
- docusign=af915e23-7a7e-4fae-ac61-89530bfa1c43
- google-site-verification=S1Rzlyf1wjdV0PPT7W8UZrWAGqM7zQJuO3DVbuiy02U
- hes=4959ceadfdfeb3e25a07f3191c7e0ed6
Cloud / SaaS Services Detected
Adobe
Apple
Microsoft 365
Salesforce
Miro
OneTrust
DocuSign
Leak Screenshot:
