Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo PBINFO.COM

Group: clop

Discovered by ransomware.live: 2023-07-26

Estimated attack date: 2023-07-26

Description:

Locate Missing Participants - Death Audit - PBI Research Services

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 2

Third Party Employee Credentials: 0

External Attack Surface: 4


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints markmonitor.com
  • admin dnstinations.com
  • whoisrequest markmonitor.com
MX Records
  • us-smtp-inbound-1.mimecast.com.
  • us-smtp-inbound-2.mimecast.com.
TXT Records
  • v=spf1 include:us._netblocks.mimecast.com include:3854232.spf10.hubspotemail.net include:spf.protection.outlook.com include:spf.mandrillapp.com include:amazonses.com -all
  • 9rtstvodf12p8v9vmps3mb2aip
  • 0ed1fe018acb953ed7a76e442eaa2cea
  • brevo-code:b46a050fef89bcdf87298ef8d6c7aff8
  • Foxit-domain-verification=3060371d4d796e3f216014eab31c65ad
  • atlassian-domain-verification=iCIcoqeuBmnXgHDzkET3PzWX14drXFqiNunKMZY9MJ0F35989WUOPQoBcizbBIH7
  • atlassian-domain-verification=icicoqeubmnxghdzket3pzwx14drxfqinunkmzy9mj0f35989wuopqobcizbbih7
Cloud / SaaS Services Detected
Atlassian Amazon SES/WorkMail HubSpot Mandrill Mimecast

Leak Screenshot:

Leak Screenshot