Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo emkay#####

Group: clop

Discovered by ransomware.live: 2024-12-24

Estimated attack date: 2024-12-24

Country: US

Description:

Presumed victim name: Emkay Inc. - Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 0

External Attack Surface: 1


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • us-smtp-inbound-1.mimecast.com.
  • us-smtp-inbound-2.mimecast.com.
TXT Records
  • google-site-verification=AqHoP6yL0pesC79RFPGOzwSkip1r8BW2f6zcIqKO2Hw
  • google-site-verification=MJ-LSTvzsTh0keYXms27XhSHscxGhTpRR-0IzHniHUw
  • google-site-verification=Omd0sUmS4C0VvqlHpHEFc5JHg_AwLs8ZLhva1W2rkmI
  • hi7g7bq6u89lsv62q64kfol3ug
  • v=spf1 ip4:209.251.82.64/27 ip4:50.79.207.128/28 ip4:198.41.84.224/27 include:us._netblocks.mimecast.com include:_spf.salesforce.com include:spf.constantcontact.com ~all
  • MS=ms95849830
  • duo_sso_verification=V6e4mQ4UyXAHRdLqUPbpimWyDDrJyEhMudahzL7IrYEzs3ckTBHiVrwylp1Yaip4
Cloud / SaaS Services Detected
Microsoft 365 Salesforce Cisco Duo Mimecast

Leak Screenshot:

Leak Screenshot