Webber International University

Group: Ransomhouse

Discovered by ransomware.live: 2024-02-26

Estimated attack date: 2024-01-20

Country: US

Description:

We have been recognized by the Princeton Review as one of “America’s Best Value Colleges” and a “Best in the Southeast” school. Established in 1927 as one of the first business schools for women in the nation, Webber now hosts men and women from over 48 different nations. Established in 1896 as Flora Macdonald College, St. Andrews University (a branch of Webber International University, formerly known as St. Andrews Presbyterian College) joined the Webber International University family during the summer of 2011. A traditional Liberal Arts university, students at St. Andrews major in a wide variety of fields. Each Webber campus is a traditional residential campus and features a wide array of extra-curricular activities. While most of our students are traditional undergraduates who attend classes in person, all day, play their sport all afternoon and retire to our dorms for the evening, we also offer accelerated adult completion, evening MBA, and completely online degrees. We are a results-oriented organization that expects people to meet their goals and understand that this requires hard work. However, we are a collegial, friendly workplace. We have an open-door policy. We know each other. We know our students


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 9

Third Party Employee Credentials: 3


External Attack Surface: 3



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • webber-edu.mail.protection.outlook.com.
TXT Records
  • v=spf1 include:spf.happyfox.com include:spf-sites.us.w3pcloud.com include:spf.protection.outlook.com ip4:198.21.5.85 ip4:4.71.8.194 ip4:216.27.20.130 ip4:216.27.20.140 ip4:216.27.20.141 ip4:216.27.20.142 " "ip4:167.89.101.146 ip4:167.89.101.149 ip4:167.89.60.152 ip4:167.89.89.156 ip4:192.237.158.52 ip4:192.237.159.131 ip4:192.237.159.132 ip4:192.237.159.133 ip4:204.75.142.249 ip4:1.123.12.123 include:sendgrid.net -all
  • facebook-domain-verification=bar3bwm1gun6og8p5hhw87vo4rej80
  • r47rdldmvq6r1cy486h8cyl7v2jn60n9
Cloud / SaaS Services Detected
  • SendGrid
