Toolmarts
Toolmarts
Group: play
Discovered by ransomware.live: 2024-04-26
Estimated attack date: 2024-04-26
Country:
Description:
United States
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 2
Compromised Users: 4
Third Party Employee Credentials: 3
External Attack Surface: 2
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- registrar-abuse cloudflare.com
MX Records
- toolmarts-com.mail.protection.outlook.com.
TXT Records
- google-site-verification=Cwo_NRmqGCk3PEUNe02KWjxOJvPCUrQ25Zns-gMjebI
- v=spf1 ip4:173.231.203.230/16 ip4:127.0.0.1/16 ip4:70.167.122.33/16 include:spf.protection.outlook.com ~all
- MS=ms41178857
- MS=ms58224125
- MS=ms94596662
Cloud / SaaS Services Detected
Microsoft 365
Leak Screenshot:
