isometrix.com
isometrix.com
Group: cactus
Discovered by ransomware.live: 2024-07-17
Estimated attack date: 2024-06-02
Country:
Description:
Download link #1: https://***************.onion/ISOMETRIX/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/ISOMETRIX/PROOF/DATA DESCRIPTIONS: Personal identifiable information, employees and executives personal files, financial data, customer information, contracts\NDA, corporate correspondence, software development data etc.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 3
Third Party Employee Credentials: 2
External Attack Surface: 2
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse tucows.com
MX Records
- za-smtp-inbound-1.mimecast.co.za.
- za-smtp-inbound-2.mimecast.co.za.
TXT Records
- MS=ms87680391
- 5rtnb369mjrndo73fe9oqijk09
- google-site-verification=uhOXIVMOqdX083K-Cc0UlkUHyjoL2REQ5Wv1Te2U2oM
- v=spf1 include:za._netblocks.mimecast.com include:aspmx.pardot.com include:_spf.salesforce.com include:spf-westeu.emailsignatures365.com -all
- atlassian-domain-verification=5a3PJqaoilNQ6QK74WWlzfr3cCn0VwB8TA7Nsc9yLTb19OhlwU1o0M7bswC5dwgT
- atlassian-domain-verification=5h9XyASfdYVO8H7zm0tR5co75VaPr14AsLVQ58d6YKsPRi9MSNUhGOwPHexRFf76
- vdohfhpsreh6moac18cmsa3agr
- phhqs8g4l61l675flohe6gfsve
- atlassian-domain-verification=hXO9wGWHzhODZjp5fYtWlcIVyIPJVOfBg0SAKhi4WNBqiGirE9Zz0iP9CKB5OCbs
- pardot890673=36324dfa52450344306664e1812f4ca4e34600dffbf0e418961fe1066645bada
Cloud / SaaS Services Detected
Atlassian
Microsoft 365
Salesforce
Mimecast
Leak Screenshot:
