Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo SHAMASS.ORG

Group: medusalocker

Discovered by ransomware.live: 2024-05-02

Estimated attack date: 2024-04-22

Country: US

Description:

Descriptionemployee information – agreement – customer email(.xls)-.msg outlook files Price-$50000 (sale in one hand there are options for making a profit from these files will be included in the deal)


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • d320838a.ess.barracudanetworks.com.
  • d320838b.ess.barracudanetworks.com.
TXT Records
  • 6ql8h9vls91dlave812foljq45
  • 7h35v98sktsc7ijtph5ijl0c20
  • duo_sso_verification=9slzU3KfI2lHImDM6LYzhx3kLigb1cvWIgYvyDPPCdsKTIV4CfdO6j9sXlHfSpC6
  • Foxit-domain-verification=760206c7caa96944bb91bb0f9bc9f53d
  • v=spf1 include:spf.protection.outlook.com include:spf.ess.barracudanetworks.com include:asp-spf1.yardi.com include:asp-spf2.yardi.com -all
Cloud / SaaS Services Detected
Cisco Duo

Leak Screenshot:

Leak Screenshot