M6
M6
Group: bitpaymer
Discovered by ransomware.live: 2019-10-12
Estimated attack date: 2019-10-12
Country:
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 7
Compromised Users: 399
Third Party Employee Credentials: 14
External Attack Surface: 46
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- support support.gandi.net
- fb34853c9224f360a10e2bd6d1d4769b-43541565 contact.gandi.net
- 8492c3ff7a642bf3eb97cd4ff2ce3fcf-43542770 contact.gandi.net
- 46399abfdb6ca8cdeebce7ff0b5ea81f-43542775 contact.gandi.net
MX Records
- mx2.m6.fr.
- mx1.m6.fr.
TXT Records
- v=spf1 ip4:91.208.209.65 ip4:91.208.209.66 ip4:91.208.209.67 ip4:92.61.161.45 include:spf.protection.outlook.com include:%{i}.ip.%{s}.sender._spf.dmarc-expert.com -all
- atlassian-domain-verification=RwLwFNtxmrmLKeaZHXL6LKiinX15a5z6rvepLQXJECQlWPmDR8FGJEK78PVPJKVt
- cisco-ci-domain-verification=1135ab86a85f06d6c395b1dffc58df034a87f75d373e31edc15e98e9a393712c
- docusign=7558a6a5-46ad-4aa5-900e-3a28b9c6453b
- google-site-verification=8-rdL0TOrvoZ-dyr6Wo5lWQuPaOHGdXbQVnMPlH9Q38
- MS=0CDF9AFB01421C1EEA2B841546189C8A999438CD
- google-site-verification=C1YIeeBT4lp9pl8C8KRclkLjW8I1QKoGnaUzfi1cwyE
- amazonses:rMY1N99LbY5cX8PpaZfMpqnmyM4EP+QgF8a4EYDQ+iM=
- VzHSkimTAhVkOSQrEgyiBLF22iZdYyWtdo4hp+trIjxLxrNpzLAgykEj7mh2bk/rlV6OcvlWDf5Iv+Po2zI2DQ==
- MS=ms88870454
- google-site-verification=sx797q5T21O3-GtYpocgfnHpYwHatsB5rGrkc6b_uos
- airtable-verification=ac4ead1f93648b9036320a98deae25e3
- apple-domain-verification=mCHl5fvlPMa4fX21
- adobe-idp-site-verification=1ab58e56a7c5cfcf85df9cf0e34dc26505b7982a08fd338b70244c5611b99242
- sending_domain223422=4a7cf80ad570a51a1e15e789f9c4d247e4971eedaefb8192af7d611a5f953da8
- miro-verification=f8df0dbc9f605186abedb068447f67bf4c5325b2
Cloud / SaaS Services Detected
Adobe
Apple
Atlassian
Amazon SES/WorkMail
Microsoft 365
Miro
Cisco
DocuSign