Televerde
Televerde
Group: play
Discovered by ransomware.live: 2024-01-06
Estimated attack date: 2023-12-21
Country:
Description:
United States
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 2
Compromised Users: 5
Third Party Employee Credentials: 7
External Attack Surface: 2
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mx-01-us-west-2.prod.hydra.sophos.com.
- mx-02-us-west-2.prod.hydra.sophos.com.
TXT Records
- v=verifydomain MS=8911074
- y7RocK2sYEY3zd5EJVxeoHKExExstt3Ap/mZDuO9+jTyVaRZ22ACOl8SFm9GoY+6BqCLRxDPP8+8C9w/VR8koA==
- google-site-verification=w1tOyr6eNopeOIuYH843mCEjB1-5TNPL-moCy0dppMA
- cj8r62610iqpu1l745tleqc15q
- apple-domain-verification=YOFyGvqX2QfDkN8H
- e2ma-verification=frzcb
- v=spf1 mx ip4:72.32.154.224/27 ip4:174.143.64.168/28 include:mktomail.com include:spf.protection.outlook.com include:_spf_uswest2.prod.hydra.sophos.com ~all
- facebook-domain-verification=gseezv2cmciurek4a1a4bfpoy9beb1
- google-site-verification=_ZctOH7b_czIDo_IiStMBoLLljSdT1SXs2C6ne8oaQM
- OFF* tvprod.azurewebsites.net
- google-site-verification=e6l0UjVD1DuWA6oajDGAtkK-pKZVxZygoOqMQoCSQHs
- twilio-domain-verification=f473a3e6f9a09aea302a1c09af067e7f
- v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC89Gi3F6Hymft7DxHukn+GeNC4I2CivC8ZTbzvHrCXmtziE9VYPVtvN8aCdyTC6vImNo44HxlC3Yp6PI+i9Fv4hgJufg2XqdKzRgL7zp9VKBg4JlBkgpGco89ggr3k1feOT/AH/CIaCaea6oXpxKG7DKv3kKzpjXAwdvxxfXRs5wIDAQAB; n=1024,1455675410,1" "471400210
Cloud / SaaS Services Detected
Apple
Microsoft 365
Twilio
Marketo
Leak Screenshot:
