Perrigo Company
Perrigo Company
Group: termite
Discovered by ransomware.live: 2025-03-14
Estimated attack date: 2025-03-14
Country:
Description:
Perrigo, founded in 1887 and headquartered in Dublin, Ireland, is a global healthcare supplier and manufacturer of private label over-the-counter pharmaceuticals.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 5
Compromised Users: 8
Third Party Employee Credentials: 8
External Attack Surface: 14
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- mxb-00157e01.gslb.pphosted.com.
- mxa-00157e01.gslb.pphosted.com.
TXT Records
- nfp65knbftx0vvgpvpl9gmmhfpdcl2wn
- infor-cloudsuite-domain-verification=BENE4S655GN5QUVVRM4UKNQ2HDWANTQEBZGNRRWYJ28X7UU4NTW55VYTHATCAEAU
- xnwwsfc3c45qmx38q5rkmh0ctxy28js3
- docusign=935207fd-d55f-4a6c-a87a-fd5dfc3e9667
- google-site-verification=qpGHWkOAz1EIXcQMsgX23lBrRYyxRuXygV3aH3wvQpI
- Fja4a9w4/nm8BioYlO3lUV9pT8SIkeNmcgDBT/9oIjg=
- _qa4sc8kef03jzesuzvdid9j3i87v706
- v=spf1 include:spf.protection.outlook.com include:spf.natchcloud.com include:spf.messagelabs.com include:spf.mailjet.com a:smtp5.silae.fr include:_spf-dc8.sapsf.com include:_spf-dc4.sapsf.com ip4:67.231.152.89 ip4:208.84.65.89 ip4:148.163.151.89" " ip4:148.163.155.35 ip4:70.42.227.151/32 ip4:70.42.227.152/32 ip4:65.221.8.29/32 ip4:65.221.12.128/32 ip4:65.221.12.148/32 ip4:198.11.114.29/32 ~all
- Rmoex6CRjH/gxdWHL6fIJGBC5H/nrkp7m2wCupwHsHGRezexn+p2z2Imc5bbuB6iJbbzOsCUhIzz5OKV3FdyBQ==
- MS=ms29398938
- 6niL5fcK4U6TSgcQiZZWMiReLXjREnl1BxWK/X+QkRa3whvbZ66aZY1Qa4hhzBHnvoIfGoXb8VOcmMbCljPexQ==
- adobe-idp-site-verification=b46dba41-1ed3-414e-bc82-e7bb746ec78c
- jamf-site-verification=1mXuoKBAyGv3s58MaeLdCA
- docusign=58580b71-7ddc-4c1e-868d-903088cbce94
- apple-domain-verification=8LdopAPsGJGwS4zz
- vmware-cloud-verification-7b5fd9b0-0f89-45fe-afe0-13c4c9090574
- intersight=4c77204ca8df7663a630399919c8bbca4b13c99039f9459e048baaae664eb9ff
- _ddw3yp59nly46m07hob9zcx1fj34214
- 91b26b1477vhhyssplq4ysvm89vjqll9
- PPuibJqlsN223pGYJKTqxuAMZg1fJ/xAAwD+mkVr15FXicRh4fJOKL47vCLwO8zpw6fVsOB+BcpQaGNQMXTcVA==
- MDAyMjY0MThwZXJyaWdv
- shopify-verification-code=KLRjMETG4WzD3cI4sYmMypt911RFqC
- ciscocidomainverification=5aaf94d52cb5dd863f9e8c6af6b91ca583ace8e7c875b650a6a3f111b15b4acb
Cloud / SaaS Services Detected
Adobe
Apple
Microsoft 365
JamF
Mailjet
DocuSign
Leak Screenshot:
