Robins & Morton

Group: dunghill

Discovered by ransomware.live: 2023-09-26

Estimated attack date: 2023-09-26

Description:

Robins and Morton is a construction firm. It specializes in planning and design, construction management, multiple delivery methods, self-performed work, and green building. The company serves healthcare, government, and commercial markets. In the past ten years alone, it has completed nearly $10 billion in projects. These projects range from major new hospitals and complex renovations to hospitality projects and a variety of other commercial work.



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • robinsmorton-com.mail.protection.outlook.com.
TXT Records
  • facebook-domain-verification=1fr0dey3ez3mx7u32aq09ox38kg57u
  • google-site-verification=vVP6o8E87jlnUBumTB2ifZ-PTD1JZcU3YX2-lCITDd0
  • v=spf1 include:spf.protection.outlook.com include:spfa.cpmails.com include:spfrerouting.xink.io include:spf.zohomail360.com include:mailgun.org include:relay.kinstamailservice.com ip4:23.251.231.52 ip4:3.209.178.232 ip4:23.251.237.159/32 ip4:23.251.237.160/29 ip4:3.251.237.168/30 ip4:23.21.109.197 ip4:23.21.109.212 ip4:147.160.167.0/26 ~all
  • 2k28rr1kv9flkan4vee41sjgb2
  • b4hkig1c5n3krkmktrv6rhrssv
  • apple-domain-verification=g3mlSIeBVPYqcnmx
  • zoho-verification=zb31984692.zmverify.zoho.com
  • sd10rc5dhm34h3rjo05he5uj7j
  • 2GLNR550MNTDD1s1zdjbPJmiY/a71tv0e/7lLvl1gkC5WA+pzRZQDDnF4q5pG084HFo3LO21BRh4HYb868gdnQ==
  • docusign=5322d609-2f99-46f6-a695-a48052182ee6
  • rj0eo8dla27p5fbl12765e8785
  • 1password-site-verification=APQIEJEFSNA5FDXYXTRFGJXKUU
Cloud / SaaS Services Detected
  • Apple
  • Mailgun
  • Zoho Campaigns
  • DocuSign
