Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Rand Technology

Group: play

Discovered by ransomware.live: 2025-05-05

Estimated attack date: 2025-04-28

Country: US

Description:

United States

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 4

Compromised Users: 0

Third Party Employee Credentials: 4

External Attack Surface: 5

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • mx2-us1.ppe-hosted.com.
  • mx1-us1.ppe-hosted.com.
TXT Records
  • ppe-011a993b4ef7c878b513548c0ee5be74e5e04383
  • v=spf1 a:dispatch-us.ppe-hosted.com ip4:64.58.177.66 include:spf.protection.outlook.com ~all
  • 1j6l0hrj61062z069vdqtp46r6rjrhz3
  • 402xnzt7kpwc0tfcgqmrnc8f0xnnymnz
  • 7llj6kvld5k1hdfgrrtnz0ycp1tm1l14
  • brevo-code:016005395c691b030b1fa06ac665b010
  • duo_sso_verification=0IkO15CHZSsTPASWZlJ7dhrIu09ydWZOZhd0afwxqJTQNVxZ9c9D2IiCjrakNygY
  • google-site-verification=10sjWs7vP0TINEuFkoASGPVimvVIg8bWRp43xDJlqVI
  • google-site-verification=MDf47MMBvuhVfhve6KoJfHtZV0AtEq5Lf6z2czOA7C4
  • google-site-verification=yT_3gRqDCogPrwmfhVONuGqmW6oYYBqvtsZ1qG5Tbqs
  • hjw5jkrytcrsnyv42rvpjmtfmlk8f58z
Cloud / SaaS Services Detected
Cisco Duo Proofpoint Essentials

Leak Screenshot:

Leak Screenshot