Robertshaw

Group: hunters

Discovered by ransomware.live: 2025-02-06

Estimated attack date: 2025-02-06

Country: US

Description:

Exfiltrated data: yes - Encrypted data: no


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 42

Third Party Employee Credentials: 34


External Attack Surface: 7



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse@cscglobal.com
MX Records
  • robertshaw-com.mail.protection.outlook.com.
TXT Records
  • MS=ms96811119
  • atlassian-domain-verification=/CdgFvzkQ7Xc2oHfSRnpYwTF07Z1DUbqIclbDEwaPuxa6EZz26B/jbUARFrMO4vQ
  • facebook-domain-verification=6zz4tmz7wv5uhfgym5o36a1uxag210
  • v=spf1 include:spf.protection.outlook.com ip4:52.6.71.218 ip4:52.202.36.129 ip4:64.106.168.232 ip4:64.106.168.225 ip4:54.173.211.88 ip4:195.245.231.138 ip4:65.161.25.0/24 ip4:66.35.58.128/26 ip4:80.188.30.170 ip4:184.174.191.131 ip4:184.174.191.130 ip4:40.136.185.54 ip4:64.106.168.160 ip4:64.47.197.9 ip4:38.97.236.0/24 include:_spf.salesforce.com include:auth.msgapp.com ~all
Cloud / SaaS Services Detected
  • Atlassian
  • Microsoft 365
  • Salesforce
