QUORUMFCU.ORG

Group: clop

Discovered by ransomware.live: 2023-07-05

Estimated attack date: 2023-07-05

Description:

High-yield Savings, Mortgage Experts, Mobile Banking


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 17

Third Party Employee Credentials: 0


External Attack Surface: 15



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse support.gandi.net
MX Records
  • quorumfcu-org.mail.eo.outlook.com.
TXT Records
  • apple-domain-verification=3J32vYo9n45WU41L
  • cisco-ci-domain-verification=4c6e196a2649e72137ac279b788b250c64d247212cc9fcdf78e891547f9feb26
  • google-site-verification=jLn3BIHVqpwJM5kt-ed3kz-I24e46GMPnZZ3LIWitPA
  • v=spf1 ip4:12.106.86.235 ip4:135.84.68.123 ip4:140.239.15.133 ip4:20.80.223.47 ip4:20.80.223.73 ip4:207.238.24.4 ip4:207.238.24.5 ip4:208.86.168.7 ip4:52.154.205.51 ip4:52.154.251.223 ip4:52.154.252.105 ip4:52.154.252.151" " ip4:52.154.253.130 ip4:52.154.253.152 ip4:52.154.253.179 ip4:52.154.253.27 ip4:52.154.253.31 ip4:52.154.253.51 ip4:52.247.86.72 ip4:52.254.58.167 ip4:52.254.58.198 ip4:52.254.58.211 ip4:52.254.58.240 ip4:52.254.58.255 ip4:52.254.60.20 ip4:52.254.62.9" " ip4:64.18.0.0/20 ip4:68.232.131.30 ip4:68.232.140.103 ip4:68.232.143.79 ip4:149.72.198.89 " "include:_spf.optimalblue.com include:mailgun.org include:spf.protection.outlook.com include:spfhost.messageprovider.com include:docs-center.com -all
  • 62MmAcs45BnOoqjrf6vELa+HaY04ohoRSeDbnSx2DgyW6Wcs3SeVEeoNFJXp2EMnD7tlSlIqm89riNov811Pgg==
  • MS=C34820AACA6593B9F80DA3DEBA576A3EC111CF96
Cloud / SaaS Services Detected
  • Apple
  • Mailgun
  • Cisco
