break#####
break#####
Group: clop
Discovered by ransomware.live: 2024-12-24
Estimated attack date: 2024-12-24
Country:
Description:
Presumed victim name: Breakthru Beverage Group - Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mxa-00687401.gslb.pphosted.com.
- mxb-00687401.gslb.pphosted.com.
TXT Records
- vmware-cloud-verification-a49153b5-4717-40cb-80a5-68705c0df8c3
- v=spf1 ip4:209.116.226.208 ip4:206.16.233.251 ip4:24.38.67.162 ip4:24.38.67.163 ip4:108.179.7.90 ip4:108.177.9.26 ip4:207.158.140.146 ip4:207.158.140.147 ip4:206.16.233.227 ip4:4.34.4.86 ip4:8.30.24.28 ip4:8.30.24.29 ip4:65.216.133.22 ip4:65.216.133.9 ip4" ":206.16.233.242 ip4:45.78.156.88 ip4:38.92.46.24 ip4:45.78.156.87 ip4:38.92.46.23 ip4:45.78.156.86 ip4:38.92.46.22 a:dispatch-us.ppe-hosted.com include:spf.protection.outlook.com include:mailgun.org include:spf-00687401.pphosted.com include:_spf.dovetailn" "ow.com include:20824181.spf02.hubspotemail.net include:us._netblocks.mimecast.com include:_spf.cnddtid.com -all
- MS=ms28977284
- apple-domain-verification=JcdEWwrK43eJc2n2
- docusign=0e733f55-9c0c-4c7e-b71f-750aa425549d
- docusign=53ba5525-7187-4b40-8f85-e66b219717e6
Cloud / SaaS Services Detected
Apple
HubSpot
Microsoft 365
Mailgun
Mimecast
DocuSign
Proofpoint
Proofpoint Essentials
Leak Screenshot:
