appen.com
appen.com
Group: apt73
Discovered by ransomware.live: 2024-10-24
Estimated attack date: 2024-10-17
Country:
Description:
Registered user base of the appen.com platform (AI training company). 5 887 922 lines email addresses, employers, IP addresses, names, passwords,...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 28
Compromised Users: 190461
Third Party Employee Credentials: 830
External Attack Surface: 124
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- appen-com.mail.protection.outlook.com.
TXT Records
- google-site-verification=0GKVITltCvP0o8BjJyVtVk2D6oX2Kt02h62aVsWCvis
- google-site-verification=O7vDGHY8kAx0VpgHX4ZWrbTLsqHP-MsMkzTEaQOCFyk
- elevenlabs=uQQVGiaUQaeS4pXq4NqwmGTDg3b97wSvtxsmXpW4cDI
- google-site-verification=sloDY5VyTwayd4IcGwTg3H4KrunKkl901spHiNmFXgA
- google-site-verification=Ohlgcvi0FDzFMjX16gLTeggvpMcavYYYD1X6FSi4NWQ
- v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email include:stspg-customer.com ~all
- cursor-domain-verification-df3ykn=BhtioR1mPP9G4P2uyCd9M7ZIS
- adobe-idp-site-verification=87c38b7eb65d83793ab73ed1e6804df70ffce53034f92940fe15e51641b05bfc
- google-site-verification=YafihkMAI8vt9Yc0CT1cZfJ8AK1MbKKEYld4oz1qFL4
- citrix-verification-code=6898b392-bdd2-42da-9af4-dfb16353fb84
- google-site-verification=5IPWuQApouac1KR3vuJzq9lixxDvE7qcyd2wDH-He9M
- v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email include:stspg-customer.com include:cust-spf.exacttarget.com ~all include:40053312.spf10.hubspotemail.net ~all
- 48152462.spf04.hubspotemail.net
- teamviewer-sso-verification=6448da6dcdf541699971302fb59726b8
- google-site-verification=uJhNsuuXVHNMNVP50KWOSjAUOCifgq_c8hWdoh1eazI
- sfdc-cloud-verification=SFMC-Z-NVbu5V7b-p7fkMyY0Qf6ccch1ciF3btN9Z-lCk
- 1password-site-verification=XPECDNTYSVEODDTFMWCTGXN334
- cloudhealth=3263e79d-692d-43a2-9d54-ee8d40dffcfb
- dell-technologies-domain-verification=appen.com_7b1f07b6-748f-468a-b8cd-ee84461f9b7c_1739687457
- |\"google-site-verification=Z5bD-1D-Bv4iBLSIiuSKkZYrCbny1x6ux_CwPeffrOU\
- google-site-verification=xJ1wL7LQWXmCNTd2kNr0FnqYyvNonoFlMUdspY8djgo
- jamf-site-verification=OCMLjKj-p-imXaFB1W9eqw
- google-site-verification=BHoTf04HNd_RypNZ4SACmO6Z4Py3CMXaY3R3Xju1Gs8
- apple-domain-verification=M6JkiWOBGthkFuIW
- figma-domain-verification=c1783313e1e5061c62a4657e66968eff1b81c745d485501648ef5d1648808327-1741265572
- amazonses:b+b2yq6XUASwC8VFxjcYWZhmOMey/bzI/gTOEH8+xZM=
- google-site-verification=h_IqUuj3kuPElZktB8QERfbDST4-reLW0L1Em88tiTg
- google-site-verification=izwlsnC0c4ng5uVLEWRroiqigGwp4T4fWp-BnJMmieY
- remote-domain-verification=e5c4089c-cf38-4b11-b84f-d09d939b77e2
- atlassian-domain-verification=XpeHYfrnhJXz6BkkO90/qP9arml3MFEzedhGSSoe64xZEsUctF6XSj6c/pPjC29a
- solarwinds-service0desk-verification=2b3df50cb1c838c7f1f4c444a5c5ceba
- docker-verification=7e9dd76e-7fc1-44c1-a05f-2faef64631f6
- dropbox-domain-verification=0k3aadtsubud
- docusign=11f98b34-f74a-4e8a-bd64-4dd6f9f54532
- google-site-verification=ZecAAkWIRis0Nhqrh-NHNA26tFdTp1tMAJLiKbqPtog
- v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all
- logmein-verification-code=6266b840-d29a-443d-bd49-4e30bfa1ffcc
- slack-domain-verification=DG74vScfjSluRwSAkm8XA2ymI3uRFiKt4dqwMxvi
- google-site-verification=EGVNWG6OT29_PhxtiOWaZmZpvPen928BA3AP_9gSxjE
- google-site-verification=s6ibD60Owc17uULEq87bD8-ZPeLXJag0pMD-KJWel6Y
- status-page-domain-verification=0j5q9l4t8jsc
Cloud / SaaS Services Detected
Adobe
Apple
Atlassian
Amazon SES/WorkMail
Box
Dropbox
HubSpot
Slack
LogMeIn
Teamviewer
JamF
DocuSign
Leak Screenshot:
