Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks


Group Play
Discovered 2023-09-18 20:45 UTC
Est. attack date 2023-09-18
Country US

Description:

Arizona, United States

Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 10

Third Party Employee Credentials: 1


External Attack Surface: 1


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • b3f9942c8a2a3e63cbdb34c5b845d9ce5b68c799fba3ebd8b015c565c14af10brtafleet.com.whoisproxy.org
  • b3f9942c8a2a3e63cbdb34c5b845d9ce6f2116e109649b5f22cb3745aa2318fartafleet.com.whoisproxy.org
  • trustandsafetysupport.aws.com
  • b3f9942c8a2a3e63cbdb34c5b845d9ce6f2c717dea5ed2e179ef02771654ef7artafleet.com.whoisproxy.org
  • b3f9942c8a2a3e63cbdb34c5b845d9ceea037fddaffadc4e790b5c8fbaa340b0rtafleet.com.whoisproxy.org
MX Records
  • rtafleet-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • google-site-verification=KKIGPxoB9El8NTAy6oarROjx7j8MenEOITCsJZNfBQc
  • google-site-verification=Lnzzf5rL48i8NqkJJOguu7BXUow2BzRvdeJRGWBBJs0
  • google-site-verification=_z2ltKr940s1QWGnqrLovjdK_G-WgeWi3xYz_vKxxvQ
  • stripe-verification=33f04b2d3ab2ce1bcdf05d73ac6e54ce2b4d4061029040ff37970dac0ff82cae
  • v=spf1 include:_spf.rtafleet_com._d.easydmarc.pro ~all
  • ZOOM_verify_IdDMccr63TSKQPOc64MpGK
  • anthropic-domain-verification-gv6zr4=JLtKa4KDXO4WXFWyM0MtMRJcv
  • apple-domain-verification=yA39qS8rfeS9nC8D
  • firebase=xerifleet
Cloud / SaaS Services Detected
Apple Stripe Anthropic Zoom

Leak Screenshot:

Leak Screenshot