
energytransfer.com

Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2024-04-19

Description:

energytransfer.com


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 18

Third Party Employee Credentials: 7


External Attack Surface: 10



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations@web.com
MX Records
  • esa1.energytransfer.iphmx.com.
  • esa6.energytransfer.iphmx.com.
  • esa7.energytransfer.iphmx.com.
  • esa8.energytransfer.iphmx.com.
  • esa5.energytransfer.iphmx.com.
  • esa3.energytransfer.iphmx.com.
  • esa2.energytransfer.iphmx.com.
  • esa4.energytransfer.iphmx.com.
TXT Records
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Box
  • Microsoft 365
  • KnowBe4
  • DocuSign
