estes-express.com
estes-express.com
Group: lockbit3
Discovered by ransomware.live: 2023-11-11
Estimated attack date: 2023-11-11
Country:
Description:
This firm transports drugs, the evidence is in the stolen files.Seamless cross-border shipping to and from all regions. Navigating the U.S., Canada, Mexico, and beyond. Everything you need to ship with us, right at your fingertips. Cost-effective...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 109
Third Party Employee Credentials: 4
External Attack Surface: 35
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mxb-002f7401.gslb.pphosted.com.
- mxa-002f7401.gslb.pphosted.com.
TXT Records
- _globalsign-domain-verification=i_i2NpgubocrEmoFyyN36_Y9Rm8sYuVrXtSgRWoaSW
- mongodb-site-verification=37ZsKLO5RSfX3e2FS8oqP0H264Wie9n1
- google-site-verification=Pl6YqcqxcpDbR0DrA0ScicyoL9GRVzsONzBSuJHCDfA
- QyNq40gBJlhTxdtR_xrh
- atlassian-sending-domain-verification=063e1eaa-09ad-4f8d-8f99-91a4a3375bf4
- apple-domain-verification=xH3m8u3Ovw2meOSk
- pardot855113=e77d5a27ba9d0984dfd996e5e0eddc957a53d4d7d48a6457dce9d03cbab45577
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com include:aspmx.pardot.com ~all
- sendinblue-code:c09f24b05984ae8b454c30dbe179d567
- teamviewer-sso-verification=c485efe9491842f7acb656a706b5d6e6
- ciscocidomainverification=2725770bff4ab5118ed840235a3cbbcd45b833efaeb430190278d7556a89790f
- atlassian-domain-verification=TaySepwT3IDRRMlXqL3mUnLwMEARUCWhwBo5OPMoGTc4MHCZ8QZhyXJ3vnCvbjiE
- MS=50A572F2F67612D3357E93D1A42B407CD5CEEA62
- pardot855113=66f3962fe7b3e1ff75a2aa35b405d85b4e6f5c93283c612bda9b58c0a551e25c
- LLX4VzIOPgbzZiaGTeuExL6wLY04tUewYJXfDElJpyI=
- hcp-domain-verification=92783c0d294380a3e4b23734916a09c1a736e327f25cc64c821d8f364fc8c09b
Cloud / SaaS Services Detected
Apple
Atlassian
Salesforce
Teamviewer
Proofpoint
Leak Screenshot:
