sweet#####
sweet#####
Group: clop
Discovered by ransomware.live: 2024-12-24
Estimated attack date: 2024-12-24
Country:
Description:
Presumed victim name: Sweetwater Sound - Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domainabuse cscglobal.com
MX Records
- us-smtp-inbound-1.mimecast.com.
- us-smtp-inbound-2.mimecast.com.
TXT Records
- google-site-verification=wwlMm-6a85Ei4fUfHESjX-KDgdf76TCCpCuW2q3j6Ik
- _globalsign-domain-verification=-dLoamn_W8k1SJs3XuoC2JQZYSqmsrjSq07J0B0nq9
- onetrust-domain-verification=8fb8b3c21c4e4f18b37de912b79a32e1
- MS=ms63505712
- v=spf1 include:spf.protection.outlook.com include:us._netblocks.mimecast.com ip4:206.71.152.0/23 ip4:66.249.253.0/24 ip4:66.249.254.0/24 ip4:199.115.76.18 ip4:199.115.76.26 ip4:192.40.173.196 ip4:18.208.102.98 include:spf.mandrillapp.com include:_spf.atl" "assian.net -all
- atlassian-sending-domain-verification=71196a67-62f3-4893-841d-6198de65ebcc
- 1password-site-verification=4NFML5TUDVFKJBKTSI5Q3WHL6U
- google-site-verification=2mT1PTrd_ro8TtaCoQHnrhkWMrDFCZmQIQZYJY-OhhE
- apple-domain-verification=nubN2cNjt2cHnStu
- google-site-verification=XHt4aZB3-ZprgBNuIUTEt0A0OWp7defUrVP9V5zcGfg
- docker-verification=de95489c-7d39-4147-a233-b457d3c45159
- google-site-verification=Cdpr1psujYLxVp5GwjSrvMvOrBFOw0MGftPq_RZV13A
- atlassian-domain-verification=y1mkctDu9M5lyrVx11gE91kpU6c5ea8V9P9uqvztUeTwLEt8xby8eFmMyxhWOs8H
- twilio-domain-verification=f97e1e335bf4b0fa5c60cec1acc48c9c
Cloud / SaaS Services Detected
Apple
Atlassian
Microsoft 365
Twilio
Mandrill
OneTrust
Mimecast
Leak Screenshot:
