Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

gpaa.gov.za

gpaa.gov.za

Discovered 2024-03-11 10:18 UTC
Est. attack date 2024-03-11
Country ZA

Description:

The Government Pensions Administration Agency (GPAA) administers pensions on behalf of its primary clients, the Government Employees Pension Fund (GEPF) and National TreasuryYou can contact the main system administrator on the contacts below, wai...

Infostealer activity detected by HudsonRock

Compromised Employees: 4

Compromised Users: 2

Third Party Employee Credentials: 10


External Attack Surface: 6


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • gpaa-gov-za.mail.protection.outlook.com. Microsoft 365
TXT Records
  • MS=FA08C474F4D3F65470E5945930D53D45ED09B775
  • v=spf1 include:za._netblocks.mimecast.com ip4:209.212.98.10 ip4:209.212.98.13 a:spam.gepf.co.za a:spam02.gepf.co.za include:spf.protection.outlook.com -all
  • pobVCTUW6m51bJ2dm2kuNua8e/85z6BdzdhNAWHtPuBmVHnOr2ep5A9g/6kWfliMbc8K1UiUaN8+WfOIJKhtjA==
  • 9tj3i134vfv1i0bv705k0p1t89
  • 05A3-5CF0-2DD5-595B-F310-4B2D-0794-39C5
  • apple-domain-verification=pCyoeYi69ocX3xUt
  • MS=ms15591878
  • F7D8-FD53-5F3E-0BFA-8E8D-7672-685C-D4F2
  • MS=ms24395801
  • cisco-ci-domain-verification=3491c9b80086df4567b7896b1b8ebda9820f692a89760b37326a2b11e24f179e
Cloud / SaaS Services Detected
Apple Microsoft 365 Cisco Mimecast

Leak Screenshot:

Leak Screenshot