wexfordcounty.org

Group: embargo

Discovered by ransomware.live: 2024-11-05

Estimated attack date: 2024-11-05

Country: JO

Description:

Located in Northern Lower Michigan, Wexford County boasts a population of approximately 35,000, with a combination of an industrial/recreational demographic base. - 1 TB Data Network Admins: Joe Porterfield (jporterfield@wexfordcounty.org) Jami Bigger (jbigger@wexfordcounty.org) 231-779-9452 Passwords: ["August24!", "September24!", "October24!"] MSSP: Sophia Masotti-Jordan (sophia@karhucyber.com) 616-856-5678


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 0


External Attack Surface: 2



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@name.com
MX Records
  • wexfordcounty-org.mail.protection.outlook.com.
TXT Records
  • v=spf1 ip4:50.28.9.200 ip4:198.109.141.98/28 ip4:47.225.42.188 ip4:207.74.28.185 ip4:47.50.72.250 ip4:207.74.28.178 ip4:24.236.152.250 include:spf.protection.outlook.com include:spf.mtaroutes.com +a +mx +ip4:209.59.188.16 ~all
  • MS=ms64223156
Cloud / SaaS Services Detected
  • Microsoft 365
