
Group: clop

Discovered by ransomware.live: 2024-12-24

Estimated attack date: 2024-12-24

Country: US

Description:

Presumed victim name: Polaris Industries - Cl0p announcement. We have data of many companies who use cleo. Our teams are reaching and calling your company and provide your special secret chat.



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse safenames.net
  • dhahenllbbbo idp.email
  • hostmaster safenames.net
MX Records
  • polaris-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 include:_u.feedback.polaris.com._spf.smart.ondmarc.com ~all
  • v=spf1 include:_u.polaris.com._spf.smart.ondmarc.com -all
Cloud / SaaS Services Detected
Adobe Apple Atlassian Amazon SES/WorkMail Microsoft 365 Teamviewer Cisco Duo DocuSign
