londondrugs.com
londondrugs.com
Group: lockbit3
Discovered by ransomware.live: 2024-05-21
Estimated attack date: 2024-05-21
Country:
Description:
London Drugs offers weekly flyer deals, Earth Month essentials, savings events and in-store events for various products. Shop online or in-store for pharmaceuticals, cosmetics, electronics, cameras, housewares and more. With endless revenue, greed...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 11
Compromised Users: 710
Third Party Employee Credentials: 21
External Attack Surface: 3
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- londondrugs-com.mail.protection.outlook.com.
TXT Records
- l4G8wkFeBya8EUCiGwLub6cGUh01uNwstRYAmrC9S0leL+3uh+SI7OAnNIsu3lGGf9bs2rGXu6UqWgCmix1cag==
- teamviewer-sso-verification=9c75ee1e611e4dc9aa371e819ad96a2e
- twilio-domain-verification=153aaea6f8cd1bd8a385d5a5c13bb7a2
- d365mktkey=V5BmzBEMRzwK7aS4Nw3xThyOK9BMfoQd8CAoIhvjjVMx
- d365mktkey=zV0FxzKLvGxacPGCIa0YEDDgcEffxBkvDCW6HCJ3SiEx
- 3mnYnU9mHi/mUTSeLE6G2yBMvRCj8Hm8CN8OSy0GFAYa7KgILkGMDh3+ncVBvhf4
- bw=3ejMoxTMSKNaHierDy3YdHcFtFByoqlIcdp5BrAeINNz
- paloaltonetworks-site-verification=30a6641372a4702be8a8a983ca13fdd52212737be4830716ddfdc6d15432fe46
- atlassian-sending-domain-verification=c552e34e-b26e-48b1-8d8f-63c734e3dd7a
- d365mktkey=xYTx5xqCpTjAKDwbXHvkqFZuz7xCHm1m824llPSHch4x
- k618ctr2p7t1e10nu12qp66mg4
- 0PaUJyFxIhpVyZGOO4Fe9IPUQ7D9PQuj32Ictlqy7CRy9mjYQqJtDGdpUxo2GquyGWG+3N/HT1p2n1RBg1KJdA==
- d365mktkey=mAi4GIbMkNTMW1xewdtP4I2K9Ep8AK5rFIsmJwJrKHox
- google-site-verification=8WeDrcsegJ5XjqZ68vSd1yJBfmkuU6-1M75LR2_lFv0
- msfpkey=5fxjysdpdscp27rddaxi2b4js
- google-site-verification=ity6XAanV8sKaNEETtn2Tl5rBMv3wT-OQqhvTG5pFFk
- 5mh948ol69d0vduj3br80bmmig
- google-site-verification=PlnL_6neMYHCP-UYY6pl6BLfLD14XGfrjWqPIxHDha0
- atlassian-domain-verification=3mnYnU9mHi/mUTSeLE6G2yBMvRCj8Hm8CN8OSy0GFAYa7KgILkGMDh3+ncVBvhf4
- v=spf1 ip4:204.124.171.0/24 ip4:64.90.62.162 ip4:207.207.49.66 ip4:64.39.96.0/20 ip4:64.41.200.0/24 ip4:52.22.165.122 ip4:34.208.164.190 ip4:208.74.204.0/22 ip4:46.19.168.0/23 ip4:204.93.64.116/31 ip4:192.250.208.112/31 ip4:204.93.64.13 ip4:207.46.100.0/2" "4 ip4:207.46.163.0/24 ip4:213.199.154.0/24 ip4:213.199.180.128/26 ip4:216.32.180.0/23 ip6:2001:489a:2202::/48 ip6:2a01:111:f400::/48 include:spf.protection.outlook.com include:customer.securityeducation.com include:sendgrid.net a:production.ld001.londondr" "ugs.demandware.net include:amazonses.com include:spf.workfront.com include:mozu.com ~all
- raphntflbvbie6732kj6f1p06s
- onetrust-domain-verification=880ee1b479644b9683f88cd887a95d60
- apple-domain-verification=VgRlgilfLSO8JCg3Tx2mGy_A6wGr1EhLljoZ9aoOJOo
- MS=ms70151925
- pl08c442orb4o89m54u1sjravo
- cisco-ci-domain-verification=2d6ac557a40a78341ea5e05bbbb0dcdd849e7d4861a10c553669ae382cf73d7e
- pk6s7lm9u0hjcfpchjf0releee
- 893f3899-320b-495a-8bc1-5b79771a2892
- 7bhd1bmulgvr7ssrl3pcauh3hu
- d365mktkey=AeQxadtMCyqQnTjPC56Z4cxTm05WFshFoEpSWtJ2o6cx
- d365mktkey=LiT5rFOU8EZKKgafsOYjWHrUbIhhq0nLx2xS7njkqSgx
- d365mktkey=xrtvxIvxrGrtqETOMrqN9MEInxEhirPMHZ0iWWujyH0x
- a6ofoocm7bqs0e0145nj6eu1d9
- d365mktkey=DWb6An56fr7cevW4GN5FEsURKBVrBXMoBhD2OcS0t5gx
Cloud / SaaS Services Detected
Apple
Atlassian
Amazon SES/WorkMail
Microsoft 365
Twilio
Teamviewer
Cisco
SendGrid
OneTrust
Leak Screenshot:
