linfo#####
linfo#####
Group: clop
Discovered by ransomware.live: 2024-12-24
Estimated attack date: 2024-12-24
Country:
Description:
Presumed victim name: Linfox - Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 12
Compromised Users: 13
Third Party Employee Credentials: 13
External Attack Surface: 5
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- mxa-00221f01.gslb.pphosted.com.
- mxb-00221f01.gslb.pphosted.com.
TXT Records
- ca3-c4e0d9258fec420d99273f1d5d2110bf
- ibmid=17472a50-10a4-4a3f-8a78-d6a9c79e9409
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
- vmware-cloud-verification-370ab984-7f79-4f7f-acef-02cbc36f9ee5
- google-site-verification=J1R3h_MfgAfEyxGOukJvUDGKAB75e0bCbKKEUtJEX3E
- KqR42l9UovaZdEKda8WzObg6EVpZgzUSoqHDG5yINLGv4Y68FygWIBCcqIbkzp/kCRZUTmJjk6f4jUfbylnGdQ==
- OuUOJv6R4algWGMkjyfYB8S97wYG+8M15i/zk+e6L0schn1IjTWtFGdspaWz+bov6v5HHlXxw2s9dhYryOso0Q==
- PmjRFG8OEUES0fj0urCsCDjLTkIhQj2p7rpL8OQjAyXDWWHgehTot0o6fLMQwWlAmqdPCn7ARqQcmDrbn89Usg==
- atlassian-domain-verification=DxLC9dmaq1bxxl0ngNekaVuQTvqrMaSv6uIm5oCl4Jgl8whyeu2GfvfHEOZf6LPl
- Rz5q42uTFJK4LoSkEvGj
- ca3-5cbf01b7ebd54ab98e92379904048dc3
Cloud / SaaS Services Detected
Atlassian
Proofpoint
Leak Screenshot:
