Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo agy.com

Group: Blackbasta

Discovered by ransomware.live: 2023-12-13

Estimated attack date: 2023-11-03

Country: US

Description:

AGY is a world leader in high performance materials used in a range of markets including Electronics, Thermoplastics, Industrial, Aerospace, Recreation / Consumer and Defense with a focus on making our customers’ products lighter, faster and stronger. High performance materials in the form of glass fiber yarns and reinforcements provide our customers with six vital enhanced properties: strength, impact resistance, stiffness, temperature resistance, fatigue resistance and radar transparency. With a product portfolio developed for extreme performance utilizing a set of unique manufacturing platforms AGY provides tailored materials solutions to end-use customers for the most demanding applications worldwide.SITE: www.agy.com Address : 2556 Wagener Road Aiken, South Carolina, USA 29801ALL DATA SIZE: 403gb 1. Human Resources 2. Finance 3. Engineering 4. Science & Technology 5. Departmental data 6. Home users data files 7. Drawings 8. Incident reports and etc.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • d80372b.ess.barracudanetworks.com.
  • d80372a.ess.barracudanetworks.com.
TXT Records
  • u96chpsqhcghlapiehmnp7t41j
  • je7r0sig8tteottc2iu8nnjqca
  • MS=ms47810961
  • apple-domain-verification=h7wTePaqRScLcObX
  • duo_sso_verification=SV6NHGUxeudlYkkWlrIvfloh8v7kFdZ2kTWQyMjk8zcm2I9L5AzTZdh4inTZXxdG
  • v=spf1 a mx ip4:10.10.10.25/32 ip4:10.10.10.26/32 ip4:12.34.207.97/27 include:amazonses.com -all
  • 3ej8go5odmcj9nn70kil26jlcn
  • eUOpVafWWuvT6XGK5SwRyij4Mz1gLO
  • cisco-ci-domain-verification=78c310324e6fbfea19e390ffa9b50a96324d4946df89a195c7b6e16b994438e2
Cloud / SaaS Services Detected
Apple Amazon SES/WorkMail Microsoft 365 Cisco Cisco Duo

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.