coves#####
coves#####
Group: clop
Discovered by ransomware.live: 2024-12-24
Estimated attack date: 2024-12-24
Country:
Description:
Presumed victim name: Covestro - Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 5
Compromised Users: 107
Third Party Employee Credentials: 30
External Attack Surface: 34
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- covestro-com.mail.protection.outlook.com.
TXT Records
- onetrust-domain-verification=1b34852679d14bc9963a6baf8550f333
- onetrust-domain-verification=a03da2c3b83148488fa52189039ebbcb
- v=spf1 include:3jj7f5z2vq.powerspf.com ~all
- LvGx6JoDz386YDe2DEHpFP7rWumhtWk4oGeKcxB78eD/66ZI1weKMZfAgMAtRgaGVy/KkOkPgNjPyExBl7uAsQ==
- MS=ms25407304
- Y292ZXN0cm8=
- adobe-idp-site-verification=1c2733ba667b265ab654921fb2f46e56b6deee9e706d4b4e01a8dd2a3fa6d105
- apple-domain-verification=auTZ2Z9Lv4JJcLYh
- atlassian-domain-verification=jlWGSDQLJgB/jOh8rOajd14bQ4L4KHC3RbkqOaugwPRYt70S1mX5l7SuDLy93a6c
- autodesk-domain-verification=57TVBYk9SmAZ2RaKfs8J
- b+t3SNvAErbl+IlmosdIk+2hIq9qRm1x3YU+g+Mr2rQ7cdoJZRxmfvo6qi3nvE6GF5bedr9CZdVJAW0aNwzuQA==
- figma-domain-verification=2668d3e489535cadfce63139a1d6c997786796500bdcb511181d397b06385e30-1739517986
- google-site-verification=2CUzh4dLiBJZ3RnP-iLlC2xA8Y-TMiHW151GcDoq-Sw
- jetbrains-domain-verification=7nbccqwlo89y43g5g57bg4177
- miro-verification=7f107923a9122c807963b572718fb3826eab9e41
Cloud / SaaS Services Detected
Adobe
Apple
Atlassian
Microsoft 365
Miro
Autodesk
OneTrust
Leak Screenshot:
