QBurst
QBurst
Group: fog
Discovered by ransomware.live: 2025-02-16
Estimated attack date: 2025-02-16
Country:
Description:
Extract from Gitlabs: Acqua development, QBurst, Pamyra.de- QBurst is a full-service software development company offering services in cloud enablement, data and AI, digitalization, and more.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 12
Compromised Users: 56
Third Party Employee Credentials: 30
External Attack Surface: 10
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- aspmx2.googlemail.com.
- alt1.aspmx.l.google.com.
- alt2.aspmx.l.google.com.
- aspmx3.googlemail.com.
- aspmx.l.google.com.
TXT Records
- google-site-verification=Rx5Z16c0ns10lVxFuH6AHUw4Tgx4Yn-T8_EXMK61mTQ
- google-site-verification=2UkGwVWh6t2mdT7bTtENnIbuxps9XW-z0CTR-TRbzk4
- v=spf1 include:mxsspf.sendpulse.com include:us._netblocks.mimecast.com include:_spf.google.com include:_spf.salesforce.com include:amazonses.com ~all
- SFMC-6RN3eHPhD-sl9CDHXbijQo0lSyGl566OpgI_mrB1
- MS=ms45566631
- google-site-verification=aA3_Dpzw2CSz2GfcETxUqfrlFya-_4Ykavdsv5UKibo
- MS=ms17817568
- D1420640
- google-site-verification=-x00Z0uxhyU1J67JiQivy3ORuIQf_YcvNSHc8Z_aMhs
- google-site-verification=Wi5R22LDewbjCHMPaiwFMhrL3n1n4Yp5UqntdYLo2aE
- MS=ms72418106
Cloud / SaaS Services Detected
Amazon SES/WorkMail
Microsoft 365
Salesforce
Mimecast
Leak Screenshot:
