LRN
LRN
Group: hunters
Discovered by ransomware.live: 2024-08-03
Estimated attack date: 2024-08-03
Country:
Description:
Country : United States of America - Exfiltraded data : yes - Encrypted data : yes
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 2
Third Party Employee Credentials: 10
External Attack Surface: 100
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- us-smtp-inbound-2.mimecast.com.
- us-smtp-inbound-1.mimecast.com.
TXT Records
- docusign=26564189-b8ba-4828-b6a2-977d4dd47fce
- google-site-verification=Rrq2UGLTUmQPxzcW9DFqFeqsvUqelA43GBOuEAKiguM
- cisco-ci-domain-verification=146932cbba581524ce04b1d51c301484419433c8bcbdd392573d233219156b97
- mongodb-site-verification=zilrVqwTNJhfOXm0EoExYIxYWwf5OUhp
- MS=ms81028255
- adobe-idp-site-verification=251f59d7994ad47284f24cc290eec5405547694b3c3dc589499aafc99168a37a
- v=spf1 ip4:54.89.46.80/32 ip4:35.170.128.37/32 ip4:18.208.102.98/32 ip4:18.208.117.110/32 ip4:103.151.192.0/23 ip4:205.201.128.0/20 ip4:198.2.128.0/18 ip4:148.105.0.0/16 ip4:207.211.31.120/32 include:eu.lrn.com include:6679608.lrn.com include:spf.protecti" "on.outlook.com include:us._netblocks.mimecast.com include:mail.zendesk.com include:_spf.qp-mail.com include:_spf.salesforce.com include:319387.spf03.hubspotemail.net -all
- teamviewer-sso-verification=0efba29771de4e9fa90e25eba55cd984
- MS=ms85137557
- atlassian-domain-verification=V8xXuJ8ZaN86JtajLye12veqoaWDIsYm5VeQhspmb/Qi6OxQYGLGT9O93GLB5HAE
- atlassian-sending-domain-verification=514750e8-9b2e-41bf-9bea-782338a39637
- apple-domain-verification=Squ57XVwrHXuekol
- 5a4e8f74-fd2f-4401-85b1-31b0caad8f20
- google-site-verification=gdQEATkS95d0Yi4TFVrtHjSUE3az_At2piXE9FLkGKI
- google-site-verification=7StLeSCIe7jtQFh77oxI18TSKv1ksuE58XhZSe0dTHc
- XqBXZRGsSA9+vejWGDrG+qNdiEi9Faersl30ETWI84e4bEbJVX/A3V78DcCahIJgcwRKmz9pauN2wHGQJLBytQ==
- google-site-verification=edhHm8JF6rOfZaSL2tUxMQNjMcVAYvymzUiKMlvvFmo
- 0ed1fe018a8385545df33d4c31b38ca82cb162c4e6
- openai-domain-verification=dv-WRu6Hs9Yy8ZcITlI2EckDyTd
- google-site-verification=L6H_OWppPtHhrhRzPDj0Deqtz50fXMiNHE5jPhex3sg
- ZOOM_verify_wcKNwfBmT22keAgav3rtrQ
Cloud / SaaS Services Detected
Adobe
Apple
Atlassian
HubSpot
Microsoft 365
Salesforce
Zendesk
Teamviewer
Cisco
Mimecast
DocuSign
Zoom
Leak Screenshot:
