Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo kellyservices.com

Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2021-01-01

Country: US

Description:

kellyservices.com

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 5

Compromised Users: 1604

Third Party Employee Credentials: 57

External Attack Surface: 31


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints markmonitor.com
  • whoisrequest markmonitor.com
MX Records
  • kellyservices-com.mail.protection.outlook.com.
TXT Records
  • Dynatrace-site-verification=c085630a-9e90-4a3e-acd1-f03e9f4fbe9f__qk513svj51ao7u7rb4m094k35u
  • v=spf1 include:spf.protection.outlook.com ip4:167.89.89.232 ip4:168.245.54.255 i" "p4:149.72.211.231 ip4:167.89.96.224 ip4:143.55.228.65 include:_spf.bullhornmail." "com include:spf.mailjet.com include:20647192.spf03.hubspotemail.net include:2591" "9326.spf02.eu1.hubspotemail.net ~all
  • jamf-site-verification=BsiulrD6Uaz_-HBnEbfMoA
  • google-site-verification=eY4d6w9JknUa_p1NP5dQXbwyykDdYstP8a_z-Rp9iNU
  • MJ3466695tazmhak
  • miro-verification=28739072086b64520c64e6d01736d0f083db9cf6
  • docusign=a7faefcd-f28b-45ca-b56f-e40877cb36bc
  • vmware-cloud-verification-f27ef24e-117f-49f1-83d4-9999cb5c1065
  • twilio-domain-verification=3c8ec05714e437561c73ac24215e103b
  • 3567-411A-DB87-10A8-98F1-BA0F-8AA8-B2D3
  • MS=ms46854749
  • OSIAGENTREGURL=https://mdm.kellyservices.com/MobileEnrollment/Symc-IOSEnroll.ASPX
  • smartsheet-site-validation=mk5ce7vuVfBgeh_cSUFW2-MAvu4fLyYR
  • anthropic-domain-verification-003sgn=U7XHFzRrTkiLE755fgUz2tPJi
  • facebook-domain-verification=up5k2ke45ek4t03nfc0w8m6io60291
  • onetrust-domain-verification=1b5ad2808c9f4625be0d5c6f14f1d736
  • apple-domain-verification=mW8BZ02sjpw0JMC6
  • openai-domain-verification=dv-3kucb5jlEtc6zEuePX2Wb2WP
  • google-site-verification=rFfE5cnyVgJv5-ff72BxiePLEOV9NXzahn86miM8rYY
  • docusign=e715cc76-8010-4747-aea1-cb4294dd2181
  • apple-domain-verification=Ud-OqivmWF6yJGWHeor7Ho2iuOsfPJqGVDwoO3Fw9T4
Cloud / SaaS Services Detected
Apple HubSpot Microsoft 365 Twilio Miro JamF Mailjet OneTrust DocuSign

Leak Screenshot:

Leak Screenshot