Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

SUNSETHCS.COM

sunsethcs.com

Group Clop
Discovered 2022-12-22 20:02 UTC
Est. attack date 2022-12-22

Description:

Sunset Healthcare Solutions

Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 0

Third Party Employee Credentials: 1


External Attack Surface: 0


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusegodaddy.com
MX Records
  • mx1-us1.ppe-hosted.com. Proofpoint
  • mx2-us1.ppe-hosted.com. Proofpoint
TXT Records
  • MS=ms65618963
  • brevo-code:c71b54f5d42352068acd26f1f450f285
  • duo_sso_verification=QM9XmKTyH4oshfBGF4jRwBhQUHIkmUOLOefFwJGYS7GJK3kPo45UsD51EIhXmbs5
  • openai-domain-verification=dv-71rAMX7kbSvlspQEm1QQnWxi
  • ppe-0fa48419c8da831a2121
  • v=spf1 a:dispatch-us.ppe-hosted.com ip4:38.140.126.18 ip4:3.229.187.42 ip4:3.227.52.228 ip4:167.89.74.79 ip4:167.89.75.142 ip4:167.89.82.157 include:servers.mcsv.net include:sendgrid.net include:_spf.smtp.com -all
  • 8q46lhhkojp03qlvf604c0b1s1
  • MS=ms20276788
Cloud / SaaS Services Detected
Mailchimp Microsoft 365 Brevo OpenIA SendGrid Cisco Duo Proofpoint Essentials

Leak Screenshot:

Leak Screenshot