LaBella Associates

Group: rhysida

Discovered by ransomware.live: 2025-04-28

Estimated attack date: 2025-04-28

Country: US

Description:

Founded in 1978, LaBella Associates is a full-service Architecture, Engineering, Planning, Environmental and Energy Consulting firm headquartered in Rochester, NY.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 0

Third Party Employee Credentials: 2


External Attack Surface: 1


Infostealer Distribution


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • us-smtp-inbound-1.mimecast.com.
  • us-smtp-inbound-2.mimecast.com.
TXT Records
  • v=spf1 mx ip4:131.239.74.203/32 include:spf.protection.outlook.com include:us._netblocks.mimecast.com include:docebopaas.com include:spf.zohomail360.com include:_spf.sendergen.com -all
  • 0ed1fe018aebf568b582cb433ab9fa2313c55c930d
  • apple-domain-verification=IalJYnw4HDi06N60
  • autodesk-domain-verification=INmP7dZIslCcXmbx5mjc
  • duo_sso_verification=5169sKi0ZXiCCi6gXTzabolCUy8JFs6QoHfxvqEifnld14jaXbxn0FGsZTEEDzO8
Cloud / SaaS Services Detected
  • Apple
  • Autodesk
  • Cisco Duo
  • Mimecast
