Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo acutis.com

Group: cactus

Discovered by ransomware.live: 2024-01-12

Estimated attack date: 2024-01-12

Country: US

Description:

Download link #1: https://***************.onion/ACUTIS/PROOF 

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 0

Third Party Employee Credentials: 1

External Attack Surface: 1


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • mx1-us1.ppe-hosted.com.
  • mx2-us1.ppe-hosted.com.
TXT Records
  • duo_sso_verification=Iey0aNWWmh4qGJBScAsxl7jnGz4qGKVE1u45YlM6pVqvvSVxgp8xEHp9SJyODZkH
  • atlassian-domain-verification=4xAt8u/wlhuMBoDpZyB3mdgfDbqFBdksQqURfULN4oKhhEdmYUJc70qfscwBpX7J
  • v=spf1 a:dispatch-us.ppe-hosted.com include:secureserver.net -all
  • google-site-verification=rotAY7TKAqQEnnwl9S1Y6eMlh6Whh0kyWGnawrqjKQk
  • _zfyo7z6juz2roz2chkctb6edpospvi0
  • MS=ms58309645
  • _bq0si939db56g55kczshwrkfr9lontm
Cloud / SaaS Services Detected
Atlassian Microsoft 365 Cisco Duo Proofpoint Essentials

Leak Screenshot:

Leak Screenshot