Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

g4s.com

g4s.com

Discovered 2022-12-06 17:01 UTC
Est. attack date 2022-12-06

Infostealer activity detected by HudsonRock

Compromised Employees: 194

Compromised Users: 6279

Third Party Employee Credentials: 300


External Attack Surface: 160


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusesafenames.net
MX Records
  • alt2.aspmx.l.google.com. Google Workspace
  • alt3.aspmx.l.google.com. Google Workspace
  • alt3.aspmx.l.google.com. Google Workspace
  • alt4.aspmx.l.google.com. Google Workspace
  • alt13aspmx.l.google.com. Google Workspace
  • alt1.aspmx.l.google.com. Google Workspace
  • aspmx.l.google.com. Google Workspace
  • alt1.aspmx.l.google.com. Google Workspace
TXT Records
  • _l9etfamqctdm282r54wkb9eg1uco7rl
  • _88czss0icwfln2orwotau6cexwltrgf
  • 7z507sk54gwqskzhpcz3gf963rp072y5
  • _9dpnvan4yhlzp7pqngq98n6sb7gtz1p
  • td3wfy9kpp0fbf53gvxq41cr8mwjtfch
  • apple-domain-verification=2GV1LU32uS7aKVb7
  • v17qt5n1b6f5msqzrjbkm0tfxvzk5tjr
  • fg4qlf8ysgxl2fs9sb9zww5dcc0rs6dy
  • _n3lnlkvcwvt324isrld66lknlwfrv8k
  • google-site-verification=opHZtjaLpHH3xt0_RTt-I-y7rd7ijuaH8aEyEqiL1
  • 5lrs5thjlxycc35sgzxw57h5t82w6z3l
  • v=spf1 include:_spf.google.com include:CIPHR247.COM include:mktomail.com include:amazonses.com -all
  • _esasv7wif2kz554d2ndwexfl34tosfu
  • ljc9wc8v8rrz4wwv51n8kv24rblpqg6c
  • _v0dlzsx7zhrupiszfrk0letq2hxtyuf
  • DR record for datapipe 64.106.215.33
  • _sp0xmz3w6fejmfe42jnrod91w7ougf9
  • _emlnxh557sizo6pk6miyo92d0nefd0g
  • _eq17ckeh7jm5yyukwk5fxhydv7byh1o
  • pr6y3tr9tt2m63wvl6ygc65gnzspnlbz
  • google-site-verification=cDERSBsZSFe9wuDGBGkBvD_hGP3WHSARYQE3uF7RVPU
  • _8a54is8kq0p36sg9jdtvh0vo1igsaxu
  • _i1sq0o6wr8svols0aet1u0uns32ofvc
  • _rf673bmpsmaldlhkdw72jcdo5damfw5
  • _q97anxvsec9ke1s1uydae8o0ygfy3b8
  • google-site-verification=Lq0Z2_TROoFjofjHc1ovFqM-m7u288lJXaqABIsQVfo
  • 20.07.2023
  • google-site-verification=ODIdU_s5yFQZiOXQXQM3rymiS1KyodtbXS_X00CzUNI
  • xwm699fq7gsd3lbxcr7tgkclljtlxmks
  • g8nkmc7vm5vnvtyds1j0274fb126hvjv
  • google-site-verification=_iXOcUBx6fmVwk_SH4D53o_WhEI0hQiRgvjybKIvjLc
  • _wl8h79zl749k1kvqynoxbjwu2mc1aze
  • rrjyr2cv4vsngg8ftsvpc8vfnld4m9v1
  • _globalsign-domain-verification=Sk94TSt_Lurdsv4zzB97RE1AZxYwdT3SPC1azADxjp
  • _z469eenln5hnfac5m441ohxohspg765
  • _rrpl6l5hhm96b9wmk9qa2uzdfgzg3l5
  • _q3kq4zvy5ueecxlj58holv0t2j1ggtu
  • _lkn347cqyjpdt9uskgmykr0d7sm9d2n
  • google-site-verification=2-rlkdq-bP0O2ZVGtXVl-IaWzLfB-qbOLWKWDLfIM_M
  • _fwnh85timfbd40tn5xh2gwik14nqmwh
  • _8gc8f9d06q2lnrgvitj1qu84gbqiu3r
  • _nudrrxyazmwh4wzlaat0hrsxo7olof6
  • google-site-verification=u9fUTD5BjLP-7ZuGaYDtDXj71H-jDr3G7XlNyj6NW10
Cloud / SaaS Services Detected
Apple Amazon SES/WorkMail Global Sign Marketo