Tricon Energy
Tricon Energy
Group: lynx
Discovered by ransomware.live: 2024-10-23
Estimated attack date: 2024-09-29
Country:
Description:
TRICON is an international trader and marketer for main petrochemicals, essential as building blocks for the finished products.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 7
Third Party Employee Credentials: 7
External Attack Surface: 0
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- triconenergy-com.mail.protection.outlook.com.
TXT Records
- p8h+KMPF8mTiyP/V5w3NgR+5C8u6/MOVnixPcVuE6netTXzCZ8O9Pgrv5uoEHRPQxzKvqqzrkGBAlXGVYWFflw==
- tricon-website-prod-webapp.azurewebsites.net
- v=spf1 ip4:162.247.247.232 ip4:35.80.141.6 ip4:149.72.231.47 ip4:149.72.196.66 ip4:155.248.168.143 ip4:159.183.189.224 ip4:34.150.240.219 ip4:35.236.245.134 ip4:129.80.3.142 ip4:150.136.197.234" " ip4:69.64.153.131 include:spf.protection.outlook.com include:spf.myconnectwise.net a:dnsus1.accellion.com a:dnsus2.accellion.com include:sendgrid.net include:spf-us.emailsignatures365.com include:_spf.highradius.com include:_hrc1.highradius.com ~all
- MS=ms90324909
- apple-domain-verification=GBwYsW7CNNcs2sDw" "9KQl+G/7bZweqeML6gyOvW7E0kP3fn1Kp49baeDC1pHDcnOf3cFirrEt8L2q5R4n0DnadBeYWKXNm0gp+A+HOQ==
- b8cde4cfbc2c464abddb12ddbc8433ff
- docusign=87b23e10-984a-4e08-ac9e-5536b7f6ec64
- google-site-verification=PUeuk9Yp-VvMwiZ685C73uUyMUQ5YQ8hIp5-Q0_76Jw
- mep9jjbkctm8ikm8a045up5497
Cloud / SaaS Services Detected
Apple
Microsoft 365
SendGrid
DocuSign
Leak Screenshot:
