hess.com
hess.com
Group: dispossessor
Discovered by ransomware.live: 2024-04-19
Estimated attack date: 2024-04-19
Description:
hess.com
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 15
Compromised Users: 144
Third Party Employee Credentials: 6
External Attack Surface: 69
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mxb-002e8801.gslb.pphosted.com.
- mxa-002e8801.gslb.pphosted.com.
TXT Records
- v=spf3 include:_spf.m.outbound.surveymonkey.com include:_spf.lr.surveymonkeyuser.com include:_spf.hr.surveymonkeyuser.com include:_spf.mr.surveymonkeyuser.com include:_spf.outbound.research.net ~all
- docusign=a95c87ec-e696-4452-8268-84e155aa49b2
- _vckorvn5fpl7pcgj3s1fkuvx8wocu6h
- imbRrK7F0gPdFr+xg4JsEvKkAxaXb+OG+wxZQ8qn3iF/TgUawKYeuLe1VIL3VnQmwh3rDmO+IaGRBzNg+N5YUw==
- apple-domain-verification=PV2LJtCkHtVeU2KR
- miro-verification=00fe64cfbbad7c7c28b0c48b81610c45d75a889d
- hessdotcom.azurewebsites.net
- google-site-verification=6fqAp2k_6lLN0rEBRWpqgo3gqlnrA9IRLrULtq0Azmc
- 8b8a8295-bebc-45ce-9240-83361daa88f0
- v=spf2 include:_spf.surveymonkey.com include:_spf.research.net include:_spf.go.surveymonkey.com include:_spf.t.outbound.surveymonkey.com ~all
- docusign=162ade81-df55-481e-930e-0e4e65bde2f2
- _giuoi6dras30ptowrt8maj8hzs97gsm
- adobe-idp-site-verification=41ed5b420a88e57c16dacb561a051b01cefe0ec4090e57994415df05534b61dd
- v=spf1 ip4:162.246.32.81/32 ip4:52.203.105.11/32 ip4:162.246.32.84/32 ip4:162.246.32.82/32 ip4:162.246.35.81/32 ip4:162.246.35.84/32 ip4:162.246.35.82/32 include:spf-002e8801.pphosted.com ~all
- MS=ms87923444
Cloud / SaaS Services Detected
Adobe
Apple
Microsoft 365
Miro
DocuSign
Proofpoint
Leak Screenshot:
