VIRGIN.COM

Group: clop

Discovered by ransomware.live: 2023-03-23

Estimated attack date: 2023-03-23

Description:

Official site - Virgin



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse comlaude.com
  • virgin.com-Registrant anonymised.email
  • virgin.com-Admin anonymised.email
  • virgin.com-Tech anonymised.email
MX Records
  • eu-smtp-inbound-1.mimecast.com.
  • virgin-com.mail.protection.outlook.com.
  • eu-smtp-inbound-2.mimecast.com.
TXT Records
  • v=spf1 include:_u.virgin.com._spf.smart.ondmarc.com include:spf.protection.outlook.com ~all
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Microsoft 365
  • LogMeIn
  • DocuSign
  • Have I Been Pwned
