Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo swisspro.ch

Group: Blackbasta

Discovered by ransomware.live: 2024-05-04

Estimated attack date: 2024-05-04

Country: CH

Description:

swisspro ist Ihr perfekter Partner für massgeschneiderte Gesamtlösungen rund um Beratung, Realisierung, Wartung und Betrieb von Elektroinstallation, ICT und Automation – ob für KMU oder Grossunternehmen. Mit unserer langjährigen Erfahrung, unserem grossen Know-how und den modernsten Technologien unterstützen wir Sie ganzheitlich, kompetent und zuverlässig, damit Sie sich ganz um Ihr Kerngeschäft kümmern können. Mit unseren rund 1’000 Spezialistinnen und Spezialisten an 20 Standorten in der ganzen Schweiz sind wir immer in Ihrer Nähe.SITE: www.swisspro.ch Address : swisspro AG In der Luberzen 1 8902 UrdorfTel# +41 44 444 11 22ALL DATA SIZE: ~700gb 1. Corporate data 2. Employees personal data, infos 3. Customer data & etc…

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 4

Compromised Users: 6

Third Party Employee Credentials: 7

External Attack Surface: 3


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • swisspro-ch.mail.protection.outlook.com.
TXT Records
  • nf93W7twVv0q4C2oXD+Pwh128Bl0dfIqwENDRen31/bZRlx3/c8z0ScRghvIGMqIyzMzSl2CsNjsjhuc6W1oBQ==
  • mindmanager-verification=f18e73476a46192884537118d5a93564f8301a347e7b447af4cec00f3fb6059b
  • google-site-verification=anVpOz6QLmkr4Uh-hP3eHC7-m5EVHw-1fYQq4hrbIh8
  • 527AA6E8-6E7B-4360-9CB7-B8B925F1D572
  • mx-1cf1293eee16ce7e
  • v=spf1 ip4:212.80.96.0/21 a include:spf.protection.outlook.com -all
  • QuoVadis=4cf0ad2b-9210-49ad-a121-57a0cda1d1bf
  • eavc8n8ev8sgnl23cg5es60f3b
  • google-site-verification=EIGhWQXmYEaB41kP6KjSaBKJ-CqJML_VUXkr8Vx00qM
  • MS=ms71583811
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.