gensler.com

Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2024-04-19

Country: US

Description:

gensler.com


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 15

Compromised Users: 47

Third Party Employee Credentials: 41


External Attack Surface: 29



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • registrar-abuse@cloudflare.com
MX Records
  • gensler-com.mail.protection.outlook.com.
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Box
  • Microsoft 365
  • Salesforce
  • Miro
  • Cisco
