The Source
The Source
Group: alphv
Discovered by ransomware.live: 2024-02-13
Estimated attack date: 2024-02-13
Country:
Description:
The Source Electronics Inc., doing business as The Source, is a Canadian consumer electronics and cell phone retail chain. The chain goes back over 40 years in Canada, initially as Radio Shack and later as The Source by Circuit City.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 7
Compromised Users: 2022
Third Party Employee Credentials: 6
External Attack Surface: 79
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abusecomplaints markmonitor.com
- webmaster thesource.ca
MX Records
- thesource-ca.mail.protection.outlook.com.
TXT Records
- TM_MDM_SERVER={http://207.236.93.209:80}
- PKYbngkXg6Kf5KuzsIif/KY4TE2f1DUmz2adis6WvEdg0PT8QAQKDv4d/TeBxwEt60efWmmDF//5wGMm57m0TQ==
- MS=ms30857381
- v=spf1 ip4:207.236.93.217 ip4:207.236.93.218 ip4:209.171.53.0/24 ip4:199.122.123.199 ip4:207.236.93.238 ip4:207.236.93.248 ip4:72.28.81.248 ip4:72.137.135.22 include:spf.protection.outlook.com include:amazonses.com include:_spf.salesforce.com -all
- onetrust-domain-verification=5ac1d4ba8eaf47e585101297d46f642c
- lJB+0canervQEKSXPoeed53Y6yxFcdNDLWdd5QmDWIh3v4NshthA3VKKxQqS0hilxgQnkcR7YCRELqgbvP2abg==
- cisco-ci-domain-verification=6f0c07ac7ce0e67fe860f9c3dce941c26f7141e79b82823b9deea8562a1d0a39
Cloud / SaaS Services Detected
Amazon SES/WorkMail
Microsoft 365
Salesforce
Cisco
OneTrust
Leak Screenshot:
