QUARK.COM
QUARK.COM
Group: clop
Discovered by ransomware.live: 2023-07-26
Estimated attack date: 2023-07-26
Description:
Quark Software, Inc. - Modern Content Lifecycle Management
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 2
Compromised Users: 647
Third Party Employee Credentials: 7
External Attack Surface: 104
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- qsmtp1.quark.com.
- smtp.quark.com.
- qsmtp2.quark.com.
- quark-com.mail.protection.outlook.com.
TXT Records
- google-site-verification=LwZw2ZNAdFO2HIGh_fDYQA7OELYGk2GIOmcN3fJVt44
- google-site-verification=WR3D5lVrT43PtlrOt1hMx0DMtUwx4_JLnTxuPrZc2bE
- cr1cl5h2bbqs4sla83r2ugqph3
- sophos-domain-verification=8584eae1a90e709bbd5167ec96106d400f9419384f37c4524865e77969f68877
- BC632F45C4
- 4eL4BCfRbMVHW11USIqx+rg6chAf2Afl3TDs8GkMVNDerAE2j/qd9c6a93BBNFNpov6JNaoeQnSAvp110yWZ8A==
- apple-domain-verification=8ZHd764xTbMYQsv6
- GPPqO5LhB/xMx2uDtBu9mibos9Y1Obmx0tMu4C2kdgl9zoEEmBekcQEFR4VmrtyPyKXIjiRv2lILfYqoq+3HVg==
- pardot650323=be34da1e951b3d919983bef517ff86a5339d56ce56fee1e2d5af33647d68cd4e
- MS=ms31060058
- x7tgg19t
- 17tobgghalo5o6paiubolciho7
- site24x7-domain-verification=c4762c985f1395d9d77ee1623b941a98
- site24x7-domain-verification=c2fc4c198702594fb4321626bd9ffa03
- v=spf1 mx include:_spf.salesforce.com include:spf.protection.outlook.com include:aspmx.pardot.com include:spf2.quark.com include:md02.com include:amazonses.com include:spf.emailsignatures365.com -all
- pardot650323=f073ea041679bca3a953b5bdc6aa3579379dbd95f007c43a58643b81e447e263
- brevo-code:21b103a5dc4f58cd4c6b9f97097194a1
- google-site-verification=zJkHn3ASI48lWQ1Jub1XffdnySXoPTPs_Owa_OPSAKk
Cloud / SaaS Services Detected
Apple
Amazon SES/WorkMail
Microsoft 365
Salesforce
Sophos
Leak Screenshot:
