UFCU.ORG
UFCU.ORG
Group: Clop
Discovered by ransomware.live: 2023-07-14
Estimated attack date: 2023-07-14
Description:
UFCU Checking, Savings, Credit Cards, Auto Loans, Mortgages, and More
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 255
Third Party Employee Credentials: 0
External Attack Surface: 40
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- icann-abuse-reports tierra.net
MX Records
- ufcu-org.mail.protection.outlook.com.
TXT Records
- google-site-verification=swk6_nqDlUCR87I92dRTIcg9uEko1qbUAtw7Lq9oCHk
- google-site-verification=VimgxoOkW7Xe-JmP9mj69htDSvDA2H1QrsrWpKKSzh8
- ZOOM_verify_-eTrnlciS2qxo-h8_HH-sg
- 1password-site-verification=QKMSIKXOOBHHXOJCIJAABEGVVA
- apple-domain-verification=Q4wKrU1nz0YLgarJ
- d365mktkey=qfFoQlfwtzzcZIbg40AVIyU0otwCPDslAK1cmAHx6xEx
- ZOOM_verify_PteyX6tQYULd3eOCy5nSxw
- heyhack-verification=0198e197-b5eb-73ec-98e8-2e8073f8c3fc
- d365mktkey=sJGWI5QkiGtWxGEsM2lWFUmqdZSkTztSzx4ea8Zxu0Yx
- MS=ms15318521
- amazonses:lVooPwliLbqjGnjcrhEBI2KI5lISjWb+1pnBjdXAM98=
- docusign=018f3c22-4442-4a65-a9eb-c36296835b1d
- docusign=2f8dbfa4-30de-4f8a-b99d-53eb6750bfef
- v=spf1 include:spf.protection.outlook.com include:amazonses.com include:sendgrid.net include:_spf.ultipro.com include:vertifi.com ip4:144.86.200.0/22 ~all
- amazonses:wz2GWV1Q7ie+XjAE6n/aYgPE2IqbsB4/giVwniapX9s=
- mrcFvYqhc200OHcYBxFRvB9kReo6J346q0SLNqBersLF9bLYoB6cqumyzy1ckUWfIl70073VTVSsnK5s9YeS8Q==
Cloud / SaaS Services Detected
Apple
Amazon SES/WorkMail
Microsoft 365
SendGrid
DocuSign
Zoom
Leak Screenshot:
