Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo SMDEA

Group: qilin

Discovered by ransomware.live: 2023-05-22

Estimated attack date: 2023-05-22

Country: FR

Description:

The SMDEA, a public operator, is an intermunicipal cooperation tool specializing in the areas of water and sanitation; domestic cycle and large cycle. The company decided to ignore the gigabytes of data taken from their servers. That's wh ...


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • support support.gandi.net
  • 4691fcfcc4de1ccfeabd58893a63ae31-16072199 contact.gandi.net
  • b4e3f502be80557cac96c36ef5f23fb1-6684035 contact.gandi.net
  • noc gandi.net
MX Records
  • mx14.mailinblack.com.
  • mx14b.mailinblack.com.
TXT Records
  • MS=ms72955929
  • MS=CC935EDC412117657E11A5A4A2F1F7127300FAD5
  • v=spf1 mx ip4:31.169.43.21 include:spf.mailinblack.com -all
  • ZOOM_verify_xyRNUCaVdgKRkmgXeBNpu4
Cloud / SaaS Services Detected
Microsoft 365 Mailinblack Zoom

Leak Screenshot:

Leak Screenshot