Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo fcl.crs

Group: lockbit3

Discovered by ransomware.live: 2024-08-03

Estimated attack date: 2024-08-03

Country: CA

Description:

10 TB Federated Co-operatives Limited (FCL) does business differently. At its core, FCL is a co-operative that supports other co-operatives that serve people in Western Canada. We aim to create an experience for our team members where employees f...

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 2

Compromised Users: 10

Third Party Employee Credentials: 9

External Attack Surface: 2


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
  • CRSDomain.Operations fcl.crs
MX Records
  • fcl-crs.mail.protection.outlook.com.
TXT Records
  • v=spf1 include:spf.protection.outlook.com include:spf.exclaimer.net include:_spf02.mykronos.com include:_spf.general.transactional-mail-a.com a:b.spf.service-now.com a:c.spf.service-now.com a:d.spf.service-now.com a:smtp1.fcl.crs a:smtp2.fcl.crs ip4:207.1" "95.52.0/24 ip4:91.195.240.103 ip4:158.106.89.5 ip4:209.235.141.46 ip4:198.134.28.178 ip4:187.213.108.206 ip4:85.222.1.224 ip4:85.222.138.224 ip4:96.43.144.64 ip4:96.43.147.64 ip4:96.43.148.64 ip4:96.43.151.64 ip4:101.53.164.224 ip4:101.53.172.224 ip4:13.7" "4.158.98 ip4:207.195.105.234 ip4:136.146.128.64 ip4:136.146.208.16 ip4:136.146.210.16 ip4:136.147.46.199 ip4:136.147.46.200 ip4:136.147.46.224 ip4:136.147.62.224 ip4:164.177.132.168 ip4:168.245.54.74 ip4:173.227.222.2 ip4:158.106.89.64 ip4:149.72.64.26 ip" "4:158.106.89.66 ip4:184.70.68.250 ip4:199.91.136.26 ip4:204.152.235.220 ip4:204.152.239.220 ip4:207.112.121.113 ip4:216.197.160.181 ip4:216.58.172.197 ip4:40.69.32.242 ip4:50.56.130.220 ip4:209.235.141.45 ip4:13.108.238.128 ip4:158.106.89.65 ip4:40.118.10" "1.188 ip4:13.108.238.158 ip4:146.20.14.105 ip4:69.90.103.199 ip4:64.141.17.235 ip4:206.152.14.54 ip4:209.89.8.19 ip4:207.54.126.206 ip4:65.123.29.214 ip4:209.235.141.25 ip4:209.235.141.19 ip4:209.235.141.42 ip4:209.235.141.43 ip4:209.235.141.44 ip4:52.132" ".70.32 ip4:69.169.228.240/29 ip4:69.169.228.248/30 ip4:69.169.228.252/32 -all
  • facebook-domain-verification=6c6ryr0d1daqyysidyajsjpt2jms4a
  • ibmid=0034d431-7fd7-46ad-a6fc-1bdbb29a2868
  • atlassian-domain-verification=z1lID0w/YxmbftSOK91mr3XefmKIRPaw1wLToJnU4RIsKhPHXvDp/zjjAX2Vinclude:spf.exclaimer.net -all
  • teamviewer-sso-verification=9e80629c018245eabc0bad40d8c86bba
  • cisco-ci-domain-verification=3dd29460a5c779bb55ad544e2ac08b96fd83060527be00153f1e21c063d33d9d
  • apple-domain-verification=MkbnbxUoPJ3yJXel
  • workplace-domain-verification=d4GPhadFjLZky7drP6ZCMgDjWWD33y
  • Dynatrace-site-verification=b0a98e1c-e0c9-4e58-82d0-1a15606f4eb6__hp960277j5j33c08pm67ie6p50
  • bcn=60126274-0099-11EE-BAD1-D62E6A9A072B
  • ZZonUjKEfiUrzmWGu3lVFiNqxXmOoTY2sTTKbsR7I8JMNe+JYo/XU9DBhihyTNJO+i9f6TAq3YdqfKDkX3kL0g==
  • intersight=20137d2b2a02b714bf53977168061d3ff3cefa029d974bd3306c7134e3d45b89
  • uFibF73DZS5qGmJX8momI96x6x92rUAoHaKdVelzHeuRSu6x8ytNxR349EyC7A42nl3bCbtMfyRc4iRF1JNf7A==
Cloud / SaaS Services Detected
Apple Atlassian Teamviewer Cisco ServiceNow

Leak Screenshot:

Leak Screenshot