Telecommunications Services of Trinidad and Tobago (tstt.co.tt)
Telecommunications Services of Trinidad and Tobago (tstt.co.tt)
Group: ransomexx
Discovered by ransomware.live: 2023-10-27
Estimated attack date: 2023-10-27
Description:
tstt.co.tt and bmobile.co.tt. 4293368 customer's lines, ID scans, gitlab projects, db dumps.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 13
Compromised Users: 202
Third Party Employee Credentials: 28
External Attack Surface: 67
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- No emails found.
MX Records
- ALT3.aspmx.l.google.com.
- ALT4.aspmx.l.google.com.
- aspmx.l.google.com.
- alt1.aspmx.l.google.com.
- alt2.aspmx.l.google.com.
TXT Records
- amazonses:SKXsAbq7P2ULrA5D1/hj/UfswExXlSDJ5jhSbE7npmk=
- amazonses:y3AMoFmEyu/uObhUYb+Asrem8SI4cOl+H00V6PZZAJs=
- v=spf1 include:_spf.google.com include:emsd1.com include:spf.mandrillapp.com include:servers.mcsv.net include:spf1.satmetrix.com include:amazonses.com ip4:209.94.198.95 ip4:207.166.92.11 ip4:207.166.95.11 ip4:207.166.101.207 ip4:207.166.104.207 ip4:190.58" ".160.1 ~all
- google-site-verification=Ghdk2W7eQqetolzFhwSKyvjlsCZp2SubpMyG1eQqHiY
- duo_sso_verification=uw962VjuzKbgWNXkT8b3nHu6wmFAhJ28zOoSNLPSbYUvqNjdRfM2RZ35SwnoNkiF
- MS=80DA4E43F1BC86BBBA9727042F55D5802A2CC9C3
- amazonses:DGjGirXmHPSuW/tkCZAKkbAayq0vlGH3HqmimObWLOU=
- amazonses:RB7rjMvq3PjpBY4r4kR9tE3qOjOqw00qGTuZqzVa2Nw=
Cloud / SaaS Services Detected
Amazon SES/WorkMail
Mandrill
Cisco Duo
Leak Screenshot:
