honeywell.com

Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2021-10-02

Country: US

Description:

honeywell.com


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 350

Compromised Users: 14691

Third Party Employee Credentials: 377


External Attack Surface: 200



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints@markmonitor.com
  • whoisrequest@markmonitor.com
MX Records
  • honeywell-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 ip4:199.64.176.32/29 ip4:199.64.34.142/31 include:spf.protection.outlook.com include:mktomail.com include:_spf.salesforce.com include:spf.mandrillapp.com include:spf_c.oraclecloud.com include:_spf1.honeywell.com -all
Cloud / SaaS Services Detected
Adobe, Apple, Atlassian, Microsoft 365, Salesforce, Twilio, Marketo, Flexera, Oracle Cloud, Jamf, Mandrill, OneTrust, Cisco Duo, DocuSign
