Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

fedefarma.com

fedefarma.com

Discovered 2022-07-19 12:33 UTC
Est. attack date 2022-07-19

Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 33

Third Party Employee Credentials: 5


External Attack Surface: 16


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusenominalia.com
MX Records
  • mail.fedefarma.com.
  • fedefarma-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • _globalsign-domain-verification=4uUqUfKGH2uBKSJ3gim0AkTM3e_dTiy4JuQob-k_y3
  • v=spf1 include:spf.protection.outlook.com include:spf.emailsignatures365.com ip4:80.169.85.249 a mx a:mail.fedefarma.com -all
  • google-site-verification=qbCLAFM1mNWa3kd0JW102a32nUm3Tm1zj8pzU8mrnNU
  • GxazmC4Hn31wQRPISsf8IPtoExnruIP5Vy25GQDw5QPHNeyEU1LZ+bx4BGosmV63rDdVeGO0gFhCyb8YBJIKuw==
  • google-site-verification=Hwj36cT3RHZiMnA9lsViKlFwuYfammr3Pdiy1MbhXbE
  • brevo-code:92feb2aea2dd89612f3a50ff5519f99e
  • smartsheet-site-validation=Xck1mmDLowIPvtfw22dhhm_XPZIamc9n
  • atlassian-domain-verification=GU7D9puG4xQbzd7QtfGD6xfPXr/XfPr02yYOGRsb84Sq5NGaCFM73b44gD1prG5l
  • apple-domain-verification=4ybghkeUqCCzBKA5
  • brevo-code:79e1558355a800d1c92d3669dc092fe5
  • MS=ms14843684
  • google-site-verification=1wmOs1f8wGSqgP6SKzMCIRdcJ87PG7T5bHDPQrG2CQQ
  • MS=ms68894858
  • google-site-verification=g__jII9odLtJelL5RclwrYaF9lUKTs2ysQQXI2d4Zhc
  • brevo-code:7314f64f0ab8662b52bdb597a12461e3
  • brevo-code:f6041ac38002d934f409a8a1ce07236f
  • anthropic-domain-verification-49sday=ymhVHxZhb1WXbuYWqlE1s1m0m
Cloud / SaaS Services Detected
Apple Atlassian Global Sign Microsoft 365 Brevo Anthropic