Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Raffmetal Spa

Group: dragonforce

Discovered by ransomware.live: 2024-07-08

Estimated attack date: 2024-07-08

Country: IT

Description:

Minerals & Mining

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 8

Third Party Employee Credentials: 0

External Attack Surface: 0


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • mail.raffmetal.it.
  • mx.raffmetal.it.
TXT Records
  • eovt5uu1na8kd8up8rekk7gdk5
  • v=spf1 mx ip4:80.18.124.67 ip4:212.183.186.166 ip4:185.11.193.99 include:spf.webapps.net include:spf.protection.outlook.com -all
  • MS=ms49641270
  • duo_sso_verification=ffe0gOtBPySiw4QcoJGnw1WGzNInjTdTqMdKcL3lgWY4yvgkdLUx4dt3297QPg64
  • v3ctmlgmiu9k6m5jj4re0rq422
  • logmein-verification-code=2a6ea0b6-88d2-420f-b604-7477188d928e
  • 9io9nlosko6repicqh3p7m4do
  • sjn5ocdm9m61tduslqudqvsbes
  • VKpxO+MqEmIEVccPFKD85PsrPvfge/ba3PSGg3SGUh4zwkxfR/BXrIcVgO30j9QLEfMsQy+ovoLhpbn1YPDHQA==
  • 3zzdcjtxb4mehl4he8axqqqo2bj6ajun
  • MS=F3F80583DFC02CBCFA3D1FD9DC2B8F60A265FBD2
  • gg893b8oa9aqrtoef18ju37kl4
Cloud / SaaS Services Detected
Microsoft 365 LogMeIn Cisco Duo