manitou-group.com

Group: lockbit3

Discovered by ransomware.live: 2024-02-02

Estimated attack date: 2024-02-02

Country: FR

Description:

Manitou Group, headquartered in France, is a heavy equipment manufacturer specializing in forklifts, telehandlers, aerial work platforms, and warehousing equipment. 400GB Specification, drawings of equipment elements and parts, developments, source...


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 24

Compromised Users: 103

Third Party Employee Credentials: 101


External Attack Surface: 27



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • alt1.aspmx.l.google.com.
  • aspmx3.googlemail.com.
  • alt2.aspmx.l.google.com.
  • aspmx.l.google.com.
  • aspmx2.googlemail.com.
TXT Records
Cloud / SaaS Services Detected
  • Amazon SES/WorkMail
  • HubSpot
  • Microsoft 365
  • Salesforce
  • Mandrill
