asburyauto.com

Group: cactus

Discovered by ransomware.live: 2024-01-12

Estimated attack date: 2024-01-12

Country: US

Description:

Download link #1:  https://***************.onion/ABG/PROOF 


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 9

Third Party Employee Credentials: 8


External Attack Surface: 1



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • us-smtp-inbound-1.mimecast.com.
  • us-smtp-inbound-2.mimecast.com.
TXT Records
  • google-site-verification=eh7idNjr7qdQcGGYwkRQqwcoE5naFqAnUgf8CEHVfhY
  • specops-verification-code=12100b47-82bb-4bdd-a96d-35bef39c18e1
  • stripe-verification=40d75b9c9b55a040ba3ae796acca7e5075a681c3aa94a209bac3128a61fefd0a
  • v=spf1 redirect=4d9d205q._spf._d.mim.ec
  • MS=ms89285232
  • Foxit-domain-verification=beda27ad6b50a24379a29b94c5d9e5cd
  • knowbe4-site-verification=60bec4c9c051f128775238e34145f841
  • cisco-ci-domain-verification=6ef41617454b2442868b0e87ebf4092b45f42428984894ac1f584a653074dd7
  • uber-domain-verification=807bea71-7df8-4ae8-8035-46e2a893457f
  • 3fd745aede69633405c8bda782ab52041f88778a80da94479e
Cloud / SaaS Services Detected
  • Microsoft 365
  • Stripe
  • KnowBe4
  • Cisco
