Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2021-10-04

Description:

bcdtravel.com


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 6

Compromised Users: 158

Third Party Employee Credentials: 16


External Attack Surface: 46



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse@cscglobal.com
MX Records
  • o365-bcdtravel-com.mail.protection.outlook.com.
TXT Records
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Amazon SES/WorkMail
  • Microsoft 365
  • OneTrust
