
netscout.com

Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2024-04-19

Country: US

Description:

netscout.com


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 233

Third Party Employee Credentials: 15


External Attack Surface: 77



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • mxb-00196b01.gslb.pphosted.com.
  • mxa-00196b01.gslb.pphosted.com.
TXT Records
  • v=spf1 a:spf.peopleclick.com include:spf.netscout.com include:spf-00196b01.pphosted.com include:spf.protection.outlook.com include:_spf.salesforce.com ip4:13.111.68.128 -all
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Amazon SES/WorkMail
  • Microsoft 365
  • Salesforce
  • Proofpoint
  • Cisco Webex
  • Zoom
