
Lydall, Inc.

Group: akira

Discovered by ransomware.live: 2023-11-29

Estimated attack date: 2023-11-29

Description:

Lydall is a New York Stock Exchange listed company, headquartered in Manchester, Connecticut with global manufacturing operations producing specialty engineered products for the thermal/acoustical and filtration/separation markets. We are going to upload a good amount of their projects files with drawing and everything. There are many HR files with detailed information, finance, accounting in there.



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • mxb-00177901.gslb.pphosted.com.
  • mxa-00177901.gslb.pphosted.com.
Cloud / SaaS Services Detected
  • Apple
  • Teamviewer
  • Proofpoint