Group: Cyclops
Discovered by ransomware.live: 2023-07-14
Estimated attack date: 2023-07-08
Country:
Description:
Superloop is Australia’s modern challenger telco and internet service provider that’s unleashing the unlimited possibilities of the internet. Superloop is all about experience - we're not just a utility - with a promise to be super from the ground up. We’re more tech than telco, and we deliver quality service across our consumer, business, and wholesale units. Our can-do culture will excite and ignite our customers as we deploy game-changing solutions that solve customer pain points, backed by great customer service delivered by our highly enthused team of Superloopers, who are committed to making the internet experience super.
Website: https://superloop.com
DNS Records:
The following DNS records were found for the victim's domain.
- mxb-00aa7201.gslb.pphosted.com.
- mxa-00aa7201.gslb.pphosted.com.
- jamf-site-verification=v_65pb-hVZ-Ep0NrRzpAdg
- orbitid-domain-verification=cksoz7s7n40443odmxxjnwmels:superloop.com
- paloaltonetworks-site-verification=390a7b417b47ff5ddb4b842d4c56c24212bddf80e10789a39d1f992f4af31d7f
- v=spf1 include:_spf.superloop.com include:servers.mcsv.net include:mail.zendesk.com include:sendgrid.net exists:%{i}._spf.mta.salesforce.com include:_netblocks.superloop.com include:amazonses.com include:spf-00aa7201.pphosted.com -all
- Dynatrace-site-verification=deddeded-b9c9-4464-8f70-7971ba376759__ctc8g969np6sfglvm304ncps99
- adobe-idp-site-verification=675cad51269101096f17bdf8e5843f4e68fd17e04f6ca3eb291396aef08d9808
- atlassian-domain-verification=z/1ocagxP5hZ34KFIZ3QPEz8TY3feCPCLvbxnIw216Zjrn9mkdxaVlk9vBrlUe92
- docusign=7118f7ae-a669-4eef-8f20-a81f3e5113c6
- docusign=fda6b9db-7cde-40ec-a561-536e55d98720
- google-site-verification=QpgTxK_KD7s8M8-V5NWJ6BIeviPpGkPDC8MyXCL8AaU
Cloud / SaaS Services Detected
Adobe
Atlassian
Amazon SES/WorkMail
Mailchimp
Zendesk
Jamf
SendGrid
DocuSign
Proofpoint