hafele.com
hafele.com
Group: lockbit3
Discovered by ransomware.live: 2023-02-28
Estimated attack date: 2023-02-28
Description:
Furniture fittings, architectural hardware, electronic locking systems - Häfele. The hafele.com website is currently being reactivated. On the night of February 2, 2023, there was a ransomware attack on the IT systems of the Häfele Worldwide Group fr...
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse corehub.net
MX Records
- ipv6mx01a.antispameurope.com.
- ipv6mx01d.antispameurope.com.
- ipv6mx01c.antispameurope.com.
- ipv6mx01b.antispameurope.com.
TXT Records
- v=spf1 ip4:208.185.229.0/24 ip4:208.185.235.0/24 ip4:148.59.106.0/23 ip4:148.59.108.0/23 ip4:3.123.206.219 ip4:3.68.129.51 include:_spf.hafele.com include:mail.zendesk.com include:_spf.salesforce.com -all
- shopify-verification-code=Xb9trG8vbCXHOJDuWo2fsFo07SnHTI
- jamf-site-verification=ngTG3XreGKKjK3GaQVLtlg
- atlassian-domain-verification=fTaI4sAlypHMIb21HHyuwKWuntACr1GpIzQm2q7JLrXRcEB3XBnIzmrQZdbPJm6W
- jd1kkpmhdTak3s6FCqtatqGz3sdI+cP/dfdZa00qXWlqB08GqOrcGq/bK+bPAMv1Nb/FvjRUgqb7daQXLiYNRQ==
- bw=klJpfafs6dEleTha3jIl46bRdjimCtvSR17ka9PjZR6n
Cloud / SaaS Services Detected
Atlassian
Salesforce
Zendesk
JamF