Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2021-12-26

Description:

rci.com


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 7

Compromised Users: 5300

Third Party Employee Credentials: 21


External Attack Surface: 104



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • rci-com.mail.protection.outlook.com.
TXT Records
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Atlassian
  • Microsoft 365
  • DocuSign
