Lush

Group: akira

Discovered by ransomware.live: 2024-01-26

Estimated attack date: 2024-01-25

Country: GB

Description:

Founded in 1995 and headquartered in Poole, United Kingdom, Lush is a cosmetic store specializing in the retail of bath bombs, hair products, makeup and more. 110 Gb of their files are prepared for uploading. There are a lot of personal documents, especially passports. Accounting, finance, tax, projects, client information and much more could be found in the archives we are going to share.

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • ALT1.ASPMX.L.GOOGLE.com.
  • ALT2.ASPMX.L.GOOGLE.com.
  • ASPMX.L.GOOGLE.com.
  • ALT3.ASPMX.L.GOOGLE.com.
  • ALT4.ASPMX.L.GOOGLE.com.
TXT Records
  • _0hye2r5zwwrscjek067ijqf51f2xu11
  • asv=92e4443cca10303d914af1200cd9985e
  • google-site-verification=tFe4sYZPKXUDOXXIXAYnrueWtot_I88rTVN81P6CKzM
  • solarwinds-service0desk-verification=0ef99472f5f8db351cb5725d69f74aa4
  • spf2.0/pra include:listrak.com include:lush.com include:demandware.net -all
  • v=spf1 include:_s00398851.autospf.email ~all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.