westat.com
westat.com
Group: dispossessor
Discovered by ransomware.live: 2024-04-19
Estimated attack date: 2022-12-25
Description:
westat.com
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 12
Compromised Users: 33
Third Party Employee Credentials: 7
External Attack Surface: 44
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mx1.westat.iphmx.com.
- mx2.westat.iphmx.com.
TXT Records
- MEWRMpeJH4aoK5KX9mzXlYiSK3Jeu2hK7ZsJGWs/Z4HV6wSIj/tipTvdqEDJ1Qp6cX5bhHyrDjOGDwBwf5OJEw==
- cisco-ci-domain-verification=306cd722598fe5878f61213927eb570429ebe13169fba64d17f1b0afd4c1e7ca
- v=spf1 include:8bb971.workshop-spf.net redirect=52flhlmk._spf._d.mim.ec
- v=_m5inc9het2zjrxjspf6ow2f24nq0e5t
- google-site-verification=iu33ENNK3hW1hNdp5FCed_hrlMh9VoOkKoCIzjqQX9o
- MS=ms20297064
- docusign=332758d9-daa5-4791-81c1-89dca2dca101
- trend-micro-v1-domain-verification.d6d262face28700410b59433c7a994db=600352ae-c32c-403e-a44d-d7bce172df81
- google-site-verification=OvR7ajFpAqhm9jnvcrznovJQxkrFz-eXHE9s2QW_Ems
- docusign=c7fe7b4a-3351-47ad-b8a9-653296947836
- read-ai-verification = https://www.uuidgenerator.net/version7
- vmware-cloud-verification-270f4674-b45a-4ef2-9d80-173764906cbd
Cloud / SaaS Services Detected
Microsoft 365
Cisco
DocuSign
Leak Screenshot:
