Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo payroll2u.com

Group: lockbit3

Discovered by ransomware.live: 2023-01-21

Estimated attack date: 2023-01-21

Country: SG

Description:

Hi to all!Let us introduce another IT company that provide super-secure payroll services in Asia ;) Headquartered in Singapore.Payroll2U has such clients as AirAsia, Klook, Smith & Nephiew, Santen, Zimmer, etc.We have downloaded most impo...


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse tucows.com
  • payroll2u.com contactprivacy.com
  • support exabytes.com
MX Records
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • aspmx.l.google.com.
  • alt3.aspmx.l.google.com.
  • alt4.aspmx.l.google.com.
TXT Records
  • v=spf1 mx include:_spf.google.com include:amazonses.com include:spf1.payroll2u.com include:spf2.payroll2u.com ~all
  • duo_sso_verification=KeesSisVsHGX9KNVIKclGcLpqJXHM7REehZnMfaEvMR9KrGaepIZ4fWRDOPInwSP
Cloud / SaaS Services Detected
Amazon SES/WorkMail Cisco Duo