scrubsandbeyond.com

Group: blackbasta

Discovered by ransomware.live: 2024-06-25

Estimated attack date: 2024-06-08

Country: US

Description:

Scrubs & Beyond was founded in 2000 with the thinking that the healthcare retail experience could be completely transformed. The result was a retail experience that elevated medical professional essentials beyond the practical — and added a much-needed sense of humanity that was otherwise missing in the industry.

SITE: www.scrubsandbeyond.com

Address: 12969 Manchester Rd Saint Louis MO, 63131-1805 United States

ALL DATA SIZE: ≈600gb

1. Human Resources data
2. Users folders, Employees confidential data
3. Personal documents
4. Departments data: Accounting, Management… & etc…


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 2

Compromised Users: 181

Third Party Employee Credentials: 3


External Attack Surface: 3



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • scrubsandbeyond-com.mail.protection.outlook.com.
Cloud / SaaS Services Detected
Apple Amazon SES/WorkMail Microsoft 365 Twilio Zendesk KnowBe4 SendGrid Sophos
