
paysdelaloire.fr

Group: lockbit3

Discovered by ransomware.live: 2024-07-19

Estimated attack date: 2024-07-18

Country: FR

Description:

Regional aid and services for economy and innovation. Industry, commerce, agriculture, fishing, food or research... I discover all the regional aid and services useful to my projects for my business, my farm or my organization.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 902

Third Party Employee Credentials: 4


External Attack Surface: 63



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • contact dri.fr
  • domainmaster paysdelaloire.fr
  • nic dri.fr
MX Records
  • mx1.paysdelaloire.fr.
TXT Records
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Microsoft 365
  • Mailjet
  • Have I Been Pwned
