Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo hear#####

Group: clop

Discovered by ransomware.live: 2024-12-24

Estimated attack date: 2024-12-24

Country: US

Description:

Presumed victim name: Hearst Communications - Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • hearst-com.mail.protection.outlook.com.
TXT Records
  • cisco-ci-domain-verification=4af156c7a6035dd082c62fa7043b0bb4e9da2f2900ae5f2b5a7f72d34ffd457b
  • cisco-ci-domain-verification=309a886ff4eb0e671e538ca75f3c5de712de3ad2bed27013f16fc60b12ddc9c8
  • notion-domain-verification=hlzWAKPiPRs2zbKp0I96dWNJZNJ7nSo4b3ZHnfbrSx6
  • adobe-idp-site-verification=3ebb0754e0941b0fd3e9cfe346802f5b6321a2a9bce74d7ffbcee597a1bbd8a3
  • adobe-sign-verification=eb30068563302a0a6c0f1de68864d2eb
  • atlassian-domain-verification=2rOUX25ehi4InHKegqa5eT/Z/EC95UjxgqRYIWDIySZpvfDFNBhCrzQFk9mVVKoI
  • airtable-verification=a47dff8c004f2cad718be191a79e8ad7
  • hearstpasswordmgmt.azurewebsites.net
  • wiz-domain-verification=0e3f64ae733aea426d564e2b1f371803c5580f839d43fe821cbf0fe66d584e8b
  • e2ma-verification=ma4cb
  • google-site-verification=AjW2fLNIdgg5pZkqZIyflemW5r950wmtHCHxSVKYgiI
  • airtable-verification=ab48b4f80d43093b53a8772b0ef082e5
  • docusign=e4d7f13e-ffb2-4ba0-a6ec-6d865bab3252
  • cursor-domain-verification-d4fpx5=vmflyrOWN0aQzqtMFc8a1P0VI
  • web-uipath-prod-eus2.azurewebsites.net
  • wrike-verification=MzkwOTQzNDo2N2Q0MzI1YzlkYzg2MDBiNDkwNmJhZjFlZDQ2M2IxNTk2NDc0ZjIwMWZkMzNkYzNmMDIyZWFlYmYyZGJhMTlk
  • hcp-domain-verification=f769cd97ee4754f3a0232b9c8a8ab0a1bdb8a2bae6cb0c64cafca0f5fc46cdcd
  • airtable-verification=cbec17bb4fe6f38058cbe4d4f9658270
  • airtable-verification=0f0251dc77f43af5bf767baa0448f4c2
  • mandrill_verify.VkMM1hCuxCfrpgalbgh2dQ
  • v=spf1 include:spf.protection.outlook.com ip4:205.220.176.159 ip4:205.220.164.154 ~all
  • docker-verification=27037386-c644-4e99-89af-a4d98661e08f
  • adobe-sign-verification=d7afcd41e96ebcb80db5c9a6702b9d
  • openai-domain-verification=dv-RaPQ8YcyomrHjsTvmKUf6fyE
  • google-site-verification=uFDc6rnAu77DCUHHG1qaCt4EFNPo61rFpw-iMRBr1yA
  • t0GUyZoqsn5tjHJHe4KZVzdbth89h3BxRro/Fw/n14tjG3+La+EFE5VB7EXOOpm70VInJNRznImylwp+ZVdEaA==
  • atlassian-domain-verification=FpL/aWW65m3p2lAjgu9uaxMnORyl2KLKjkSbpFUulvCwkkhAoyMCv0fc30dxJ7Hh
  • docusign=2b1f946e-d693-49ff-b53e-4ec4ccd8adec
  • MS=ms38393776
  • miro-verification=3a3b49cec2c4325b6f6ec95490c8c58620087a76
  • flexera-domain-verification-iczapnfovkifxthe
  • google-site-verification=MYIZrKtqSPysNnlb1FKpUU0HGWEjdpoKiezkfH-8hFs
  • extensis-domain-verification=b7f72939-40ad-40c1-b557-ce6a77b5e012
  • ciscocidomainverification=5630919f80e612cde8650ec21ac3008586dc3228884051a54dd9a17b9fb176d0
  • bevdysxbV/ofNW1GcyD/QoxwINKyv7aga/niub4VVpWresX2HSK2urX6TzlWoj0o25iWeZc9m7Bnfb7TE7JTCA==
Cloud / SaaS Services Detected
Adobe Atlassian Mailchimp Microsoft 365 Miro Flexera Cisco DocuSign

Leak Screenshot:

Leak Screenshot