Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

faacgroup.com

faacgroup.com

Discovered 2022-07-02 22:36 UTC
Est. attack date 2022-07-02

Infostealer activity detected by HudsonRock

Compromised Employees: 4

Compromised Users: 50

Third Party Employee Credentials: 7


External Attack Surface: 21


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuseregister.it
MX Records
  • mx1.hc2493-46.eu.iphmx.com. Cisco/IronPort
  • mx2.hc2493-46.eu.iphmx.com. Cisco/IronPort
TXT Records
  • v=spf1 mx include:spf.protection.outlook.com include:_spf.elasticemail.com include:servers.mcsv.net include:spf.icontroller.eu include:musvc.com include:spf.constantcontact.com include:_spf.mlsend.com ip4:149.72.171.119 ip4:217.8.248.0/25 exists:%{i}.spf." "hc2493-46.eu.iphmx.com -all
  • cursor-domain-verification-pgfr07=4AADAiqH9j0ARAsyVofpYN285
  • bw=gki8h9pfnbGb8he/RKI5qRbc7COGxn7Diphrn7ie4jcl
  • google-site-verification=bdAj7lqanO6k4If-ZFdREvvnaITDYNfwErW7H2TX94A
  • tvx8wvRGCGaZ3xFfFm0znvs72TrQEYMOR+ncFHwXm3P3+BylI+sKHwmavaB4SAF2lNu/usEMa57gSv1pmITEBw==
  • cisco-ci-domain-verification=6fff84e17d6aa738965d9ba40a332c4c38a18b6409dc66466147fba7d192bc28
  • anthropic-domain-verification-t37jyw=YG7GJKUUW7PL8wW0XrhCUVfwy
  • apple-domain-verification=dX1CCo8NEvN9gD9A
  • docusign=833fab08-8966-4678-909b-e7583fe69cba
Cloud / SaaS Services Detected
Apple Mailchimp Anthropic Cisco DocuSign