Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo fairmontfcu.com

Group: blackbasta

Discovered by ransomware.live: 2024-01-23

Estimated attack date: 2023-10-18

Country: US

Description:

Fairmont Federal Credit Union is a not-for-profit financial organization, democratically controlled, owned, and operated by our members for the benefit of all who belong. We operate 9 regional branches with over 120 employees.SITE: www.fairmontfcu.com Address : PO Box 2139, Fairmont, West Virginia, 26555, USAALL DATA SIZE: 403gb 1. User data 2. Corporate data 3. Legal 4. Loans 5. Personal documents, scans and etc…

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 20

Third Party Employee Credentials: 0

External Attack Surface: 17


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • d272680a.ess.barracudanetworks.com.
  • d272680b.ess.barracudanetworks.com.
TXT Records
  • _mg0kext84w8wusfhgo55irkl9sfa8yk
  • MS=ms54067207
  • MS=ED3970FCC77503BFC1897656FDD90E87902006B0
  • v=spf1 include:spf.ess.barracudanetworks.com include:mailgun.org -all
  • duo_sso_verification=GptekYXmkCmBCG0wXaoQO7eQx1SmZXwtPvrTSDvextyiRwtqstIGO05e5CJQVrQZ
  • cisco-ci-domain-verification=1fc336e8e7ec4f2502313e6023871966a2841d093a56fbd1a7be9fb1b2f23ea9
  • _i241o4yb4iassy5iweuhs6env35iw14
Cloud / SaaS Services Detected
Microsoft 365 Mailgun Cisco Cisco Duo

Leak Screenshot:

Leak Screenshot