MOTHERSON.COM
MOTHERSON.COM
Group: clop
Discovered by ransomware.live: 2023-07-13
Estimated attack date: 2023-07-13
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 118
Compromised Users: 48
Third Party Employee Credentials: 63
External Attack Surface: 56
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mx2.mind-infotech.c3s2.iphmx.com.
- mx1.mind-infotech.c3s2.iphmx.com.
TXT Records
- atlassian-sending-domain-verification=9eccae70-1dc7-472d-a1ef-76ea74839cab
- teamviewer-sso-verification=df28dc3384d641288d9de0a101a1e171
- MS=ms50338078
- atlassian-domain-verification=Yi7qewo79jTAANY3b7otvfjqQ8nBOxr0aJqsh63olH/qhkaoWFd6hbRFaGBldSp4
- v=spf1 exists:%{i}._i.%{d}._d.espf.dmp.cisco.com include:%{d}.37.spf-protect.dmp.cisco.com -all
- atlassian-domain-verification=GfFB0XKcryjCo24mBcJimXQca3HFxzWju3gV1SCjJHJrK8W52uUR/Yr/S6mxuQBv
- Y1eP26oUflzXsydDPE94RtGlJpUi8Y/UU8uwMcwXjpnwVVuDViNSafqxLDc00aSC21KP6qniViQ2qnVikXcIww==
- amazonses:TfdGHJGHbtVxtBvmlA+jJA6DbQzUqcgMSU11JQt+HJY=
- google-gws-recovery-domain-verification=48877018
- google-site-verification=rD5YltWi38MY1s_M9kL7WANrJ1CJKkKamK3gAb-O2LM
- globalsign-domain-verification=2D9BF995724BB693A56C450613E83F5E
- atlassian-domain-verification=cJT0jtKLfX4whXS35Y5C/4GoizBVyx5OqIkHGFrQVrxOZeFl3MOgvHDXox0ZbHm1
- smartsheet-site-validation=5fFvURNyzHqpogXYoLdU1eWoLC3uv8Bi
- MS=ms87714475
- aJLETZ2rUWjVkc6XCtZ3tDiXoRkCa6C4j8nDEJEijHE=
- pexip-ms-tenant-domain-verification=dc1c34c7-6e00-45b5-ba01-53bc9b8f9a34
- knowbe4-site-verification=db9d2ce476a06e0cb0a62b0796c36d43
- apple-domain-verification=XfIQzqkuKdbp3eUq
- edcfecf57fc856d46debaa52dfea0a8a4d8187163d8ff14f58
Cloud / SaaS Services Detected
Apple
Atlassian
Amazon SES/WorkMail
Microsoft 365
Teamviewer
KnowBe4
Leak Screenshot:
