
climatech.com

Group: blackbasta

Discovered by ransomware.live: 2024-02-22

Estimated attack date: 2024-02-09

Country: US

Description:

Commercial / Residential HVAC provider Climatech Inc, is a large full-service mechanical contracting company serving customers in both Pittsburgh, PA and Tampa, FL. Over the past 40 years we have grown into one of the largest contractors for heating, ventilation, air conditioning and refrigeration in Pittsburgh, which is directly attributable to our attitude in providing the highest level of quality in all that we do.

SITE: www.climatech.com

Address: Climatech, Inc. 200 Bilmar Dr Pittsburgh, PA 15205 412-921-8000

ALL DATA SIZE: ~550gb

1. Employees folders and documents
2. Human resources
3. Accounting and finance data
4. Payroll and etc…



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse omnis.com
MX Records
  • mx1-us1.ppe-hosted.com.
  • mx2-us1.ppe-hosted.com.
TXT Records
  • v=spf1 a:dispatch1-us1.ppe-hosted.com ip4:67.231.154.162/32 ip4:148.163.129.50/32 ip4:148.163.129.51/32 ip4:67.231.154.163/32 include:dispatch1-us1.ppe-hosted.com ?all include:spf.protection.outlook.com -all
  • MS=ms29525769
  • duo_sso_verification=gufr4y6R4cUWmuLFLo0amnjUgwH9eMJ7nQPS8PwMlh0IpOOMJNUM9YoExZmL7Jac
  • MS=065988695BD3E7C932C41D97EE16FA6BB7F8373F
Cloud / SaaS Services Detected
  • Microsoft 365
  • Cisco Duo
  • Proofpoint Essentials
