synology.com
synology.com
Group: Underground
Discovered by ransomware.live: 2024-05-01
Estimated attack date: 2023-05-30
Country:
Description:
Revenue:$183.6M - Country :Germany, Taiwan
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 21
Compromised Users: 21778
Third Party Employee Credentials: 8
External Attack Surface: 23
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- usmail.synology.com.
- mail.synology.com.
TXT Records
- v=spf1 mx:synology.com include:_spf.salesforce.com include:amazonses.com include:spf.mandrillapp.com include:_spf.getresponse.com include:md02.com include:eu.zeptomail.net ip4:63.145.198.179 -all
- MS=ms48619058
- ZA=zRLoTz+5H4NqLuCfaPj4/w==
- google-site-verification=2uuWSS-PQu_3wdAfpKznMi8j_LmMJNNxDCo5CQBl-qw
- google-site-verification=ALTosOMjfqO1e3waISlqUtAWVDPbkd1xTc2zZTecJEI
- google-site-verification=BbJczAIhIiCLaNKZgHnZmvApYcQ15k3hu1rsrNWFdWs
- google-site-verification=JVX3mTh4Tf0UkH7dbWDkRXj2sxVsD9BG5vhu_fme_eE
- google-site-verification=XrSxJM15m-RvajbL3iwihOg5rO0KKqzKb_48F5Tck54
- google-site-verification=iZjYDwFil9JWa4480fxaMOv0B0Gn_47rgtpuoRRN-iE
- google-site-verification=vpw-OR-MsiNlWHU3DZRHsOZ_hKvDFg15c4_4uoJnX5c
- google-site-verification=yye3FPh6LcNp7ErWXUcEB7XEMehHrKd3ThjBMmsV7mc
Cloud / SaaS Services Detected
Amazon SES/WorkMail
Microsoft 365
Salesforce
Mandrill
Leak Screenshot:
