ampol#####
ampol#####
Group: clop
Discovered by ransomware.live: 2024-12-24
Estimated attack date: 2024-12-24
Country:
Description:
Presumed victim name: Ampol Limited - Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 5
Compromised Users: 68
Third Party Employee Credentials: 6
External Attack Surface: 24
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- No emails found.
MX Records
- mxb-005db801.gslb.pphosted.com.
- mxa-005db801.gslb.pphosted.com.
TXT Records
- miro-verification=9310bbc1dc580309686b5f8fddef302b29bcf407
- docusign=2490b2a4-c6d3-4848-a556-2b53c2f7584f
- 38309FFED157E37D8A9FD767E889D8738F7201E4A7B7942D278C6D3686441194
- cisco-ci-domain-verification=5328cb5783c16d9cecd532c0b192739424ee739459356291bcc48c8fdd4799c8
- a75ec0c3-e4e9-440c-b9b4-cf5daf5e8758
- apple-domain-verification=t0XiKZXb9n7ruoTRB5MBBcmrWS85Q_OLC7QPwGCpqKk
- nintex.60bd773b03c4a1007459195f
- rpzhqd8hd24r0tpbh3cxqzzh25z7202x
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
- \"MS=ms77778140\
- _globalsign-domain-verification=yBDYcDM4RVjT8-SY2n7LDSOmNWt0i54-GXPtDArW8N
- 413B3658FDC13E67E3139ECBD9738AC9CC34974BD633D34CABBF2E5F73DF330E
- apple-domain-verification=Zu43h7GxN2tQ9otR
- nintex.622852f6f328e50070863f1d
- adobe-idp-site-verification=f25cb28e198bcaef67455101ac1d65fe05a923f1c93c4e6e57c58ca6478ac2fe
- MmcnldyrPrO-reYlVE6USNzx
- docusign=e249686b-8de8-41da-a8fa-6b4bc40bbc92
- atlassian-domain-verification=3aZFMdbEFG7gxLJ1i8Q+fSsRTaccST85ku9lW4YP4Yq6jQnbOu1R4BmD6gcLtpN3
- globalsign-domain-verification=3e21da1b525ad7ef1a6a8110f18ee539
- globalsign-domain-verification=a34fc85e3d5d7a78768004da19083fd5
- h1-domain-verification=z51UY3HJ3fsMmgmfDCJAKmGDBYDzrSmWsou2aqRFeJaxAvUx
Cloud / SaaS Services Detected
Adobe
Apple
Atlassian
Microsoft 365
Miro
Cisco
DocuSign
Proofpoint
Leak Screenshot:
