Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo csem.qc.ca

Group: lockbit3

Discovered by ransomware.live: 2023-08-09

Estimated attack date: 2023-08-09

Country: CA

Description:

1 partCSEM promotes and encourages the burial of cabled networks on the Montreal territory by associating with the City of Montreal and with numerous energy and telecommunications companies and providers.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 9

Third Party Employee Credentials: 0

External Attack Surface: 3


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • mona arcinfo.qc.ca
  • informatique csem.qc.ca
  • ti csem.qc.ca
MX Records
  • d404089.b.ess.ca.barracudanetworks.com.
  • d404089.a.ess.ca.barracudanetworks.com.
TXT Records
  • bw=/7TBVcypi0G532G/U1rQdDg9gZeslDIfvTo0QFpLxg7x
  • v=spf1 a mx a:csem.qc.ca ip4:167.114.17.139 include:spf.protection.outlook.com include:amazonses.com -all
  • brevo-code:e58574cf826441c5f68a3154bb3a3e40
Cloud / SaaS Services Detected
Amazon SES/WorkMail

Leak Screenshot:

Leak Screenshot