psmicorp.com
psmicorp.com
Group: dispossessor
Discovered by ransomware.live: 2024-04-19
Estimated attack date: 2023-11-02
Description:
PSMI was founded in 2005 with the sole objective of increasing operational effectiveness by reducing tooling and MRO spending.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 9
Compromised Users: 1
Third Party Employee Credentials: 6
External Attack Surface: 10
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- mxb-00617f01.gslb.pphosted.com.
- mxa-00617f01.gslb.pphosted.com.
TXT Records
- MS=7ED6C02B9E4F03D88889787126F3462811AA18D6
- duo_sso_verification=or2JDQSFmgf3Tz97Enb1bc2qLRmpan11LMoI7vRIg6Nif6dDgxVYQOGlPh7hReMX
- k0qvhrtjczb1nwsf27kfgrzw5vcpp56s
- v=spf1 include:servers.mcsv.net a:webmail.psmicorp.com include:spf.protection.outlook.com include:spf-00617f01.pphosted.com include:ewie.com -all
- ypt1q94kshzntn88rw9zx1kffdmb733w
- 00hlbvccphb54qv8klyw65ntsftng6qn
- 42ndjqm2vlfqj02mry0vn6pfqrc5mlyr
- 839hsg90z99qc8dttbc966v25qcywpvg
Cloud / SaaS Services Detected
Cisco Duo
Proofpoint
Leak Screenshot:
