Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo pkf.com.au

Group: lockbit3

Discovered by ransomware.live: 2024-08-30

Estimated attack date: 2022-02-04

Country: AU

Description:

PKF Australia Limited is a member of PKF Global, the network of member firms of PKF International Limited, each of which is a separately owned legal entity and ...

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 2

Third Party Employee Credentials: 1

External Attack Surface: 1


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • pkf-com-au.mail.protection.outlook.com.
TXT Records
  • P0K1F81352
  • UzFT8B+r4YzbAI63hBCz4SLQCO63jOjxNHw+Pm7eDCo2HjawR+5Mibz1cySsw1mgrxYd+t5NiuZIc7/OOaW3tQ==
  • MS=ms31962548
  • bw=mEkmxJadUCbA90hD1jRKIUGIDnZbCZmzM50IYN6uPtQu
  • B244B47FCE
  • 0ed1fe018ab775c6c2cfec45bb94f5314aff6234c2
  • v=spf1 a include:spf.protection.outlook.com include:8328414.spf10.hubspotemail.net include:au._netblocks.mimecast.com include:_spf.mailgun.org include:amazonses.com include:spf-au.iress.com ip4:14.200.35.54 ip4:103.3.196.0/24 ip4:203.32.185.0/24 ip4:203.1" "53.239.50 ip4:203.54.177.30 ip4:121.50.202.12 ip4:203.32.33.32 ip4:27.127.198.134 ip4:103.28.42.0/24 ip4:146.88.28.0/24 ip4:163.47.180.0/22 ip4:203.55.21.0/24 ip4:204.75.142.0/24 ip4:27.126.146.0/24 ip4:167.89.0.0/17 ip4:208.117.48.0/20 ip4:50.31.32.0/19 " "ip4:198.37.144.0/20 ip4:198.21.0.0/21 ip4:192.254.112.0/20 ip4:168.245.0.0/17 ip4:104.40.229.156 ip4:52.169.0.179 ip4:191.237.4.149 ip4:104.209.35.28 ip4:104.210.80.79 ip4:13.70.157.244 ip4:51.140.37.132 ip4:51.141.5.228 ip4:52.172.222.27 ip4:52.172.38.8 " "ip4:52.233.37.155 ip4:52.242.32.10 ip4:54.174.16.18 ip4:34.238.70.53 ip4:198.21.4.52 ip4:167.89.31.27 ip4:167.89.127.244 ip4:60.241.60.132 ip4:123.243.196.94 ip4:60.241.60.135 ip4:60.240.39.231 ip4:18.211.154.151 ip4:34.202.10.189 ip4:54.84.201.6 ip4:34.2" "33.105.108 ip4:34.239.189.234 ip4:52.44.103.110 ip4:34.225.141.73 ip4:3.224.164.85 ip4:34.193.118.206 ip4:58.171.79.229 ip4:3.231.91.165 ip4:50.19.156.114 ip4:52.54.49.142 ip4:13.73.207.198 ip4:13.73.197.183 ip4:13.73.192.255 ip4:40.126.233.96 ip4:13.75.2" "25.47 ip4:13.75.231.56 ip4:13.75.225.75 ip4:13.75.147.201 ip4:13.70.72.43 ip4:52.237.205.2 ip4:52.237.202.253 ip4:199.255.192.0/22 ip4:199.127.232.0/22 ip4:54.240.0.0/18 ip4:69.169.224.0/20 ip4:23.249.208.0/20 ip4:103.29.206.31 ip4:23.251.224.0/19 ip4:76" ".223.176.0/20 ip4:52.64.41.85 ip4:52.64.41.199 ip4:52.64.7.174 ip4:198.2.128.0/24 ip4:198.2.132.0/22 ip4:198.2.136.0/23 ip4:198.2.145.0/24 ip4:198.2.186.0/23 ip4:205.201.131.128/25 ip4:205.201.134.128/25 ip4:205.201.136.0/23 ip4:205.201.139.0/24 ip4:198.2" ".177.0/24 ip4:198.2.178.0/23 ip4:198.2.180.0/24 ip4:159.196.113.82 ip4:159.196.35.238 ip4:203.221.84.162 ip4:180.235.158.92 ip4:203.62.215.110 ip4:147.189.35.60 ip4:180.150.12.193 ~all
  • d365mktkey=P0T6xVStRDdgT1YjAcLFxZuBDkRr9TxlxBY0pbWwOIAx
Cloud / SaaS Services Detected
Amazon SES/WorkMail HubSpot Microsoft 365 Mailgun Mimecast

Leak Screenshot:

Leak Screenshot