WALSER AUTOMOTIVE GROUP
WALSER AUTOMOTIVE GROUP
Group: play
Discovered by ransomware.live: 2024-05-30
Estimated attack date: 2024-05-03
Country:
Description:
United States
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 2
Compromised Users: 0
Third Party Employee Credentials: 3
External Attack Surface: 2
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- walser-com.mail.protection.outlook.com.
TXT Records
- tmes=8d7ec74b4ccb67cc8bd8de150e87148d
- v=spf1 ip4:50.207.89.118/30 ip4:50.207.90.1/24 ip4:67.130.23.122/30 ip4:63.151.78.1/27 ip4:63.159.139.126/27 ip4:207.187.164.0/24 ip4:184.105.48.66 include:spf.protection.outlook.com include:_spf.hosting.cdkglobal.com include:dospf.simplepart.com mx ~all
- walser.com,13mJaPPGwZ18esxDrhoLvh3QimF4Nl/7MGOOBB7IMzKGhWGN+7rzg3xzLFxjOD4oVDlCa/Dz2sQOLckAR0gIxQ==
- 13mJaPPGwZ18esxDrhoLvh3QimF4Nl/7MGOOBB7IMzKGhWGN+7rzg3xzLFxjOD4oVDlCa/Dz2sQOLckAR0gIxQ==
- MS=ms22391367
- _sqzs5o81uimet7a2596vyjioua9nijg
- atlassian-domain-verification=XPgd65P9Xma056vSFzKDI0O1dd4eg9L0lVGNGJznpwJr2LBxafcZEHTDDlENn44y
- google-site-verification=672hBjEPco8E1gqD79JsZuhqdjnEDXq99hZctSXocTk
- google-site-verification=__Wl-oC3I1VXgUVhPmfav7JMadCQf5f-1MzZdrfQtek
- google-site-verification=e6EmkAfaB6xtyakbUZW6q5q2Vfkf6ZSVNsc_c8np9J0
- jamf-site-verification=f8NUP9Pv74cdw0q24sAlog
Cloud / SaaS Services Detected
Atlassian
Microsoft 365
JamF
Leak Screenshot:
