Vending Group

Group: royal

Discovered by ransomware.live: 2023-04-01

Estimated attack date: 2023-03-30

Description:

Vending Group company provides vending services (obviously). They are partnering with big names in beverage business so there are a bunch of interesting docs in the pack. We have from them 61GB of internal data concerning accounting, financial, employee information. And they seem to be not very interested in protection of it. Please take a look!



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations@web.com
MX Records
  • vendinggroup-com.mail.protection.outlook.com.
TXT Records
  • qpmr0u133ej5ti4ekokgnbvgus
  • v=spf1 a:spf-us.emailsignatures365.com ip4:96.86.254.240/29 ip4:69.199.6.25/29 include:spf.protection.outlook.com -all
  • google-site-verification=VMcYBTDZ8Dk22STp0_v6CoBtIe8Pu93zRhhpnhrq6WE
  • v=spf1 a:spf-us.emailsignatures365.com ip4:96.86.254.240/29 ip4:69.24.138.184/29 include:spf.protection.outlook.com include:2491373.spf02.hubspotemail.net -all
  • knowbe4-site-verification=2e7c092863c4333ca9eb937ebd090582
Cloud / SaaS Services Detected
  • HubSpot
  • KnowBe4
