Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo wsp.com

Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2020-04-16

Country: FR

Description:

wsp.com

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 75

Compromised Users: 494

Third Party Employee Credentials: 345

External Attack Surface: 78


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • wsp-com.mail.protection.outlook.com.
TXT Records
  • miro-verification=fe8593cf41b6da712cec0baa030b1c14db7a2c1b
  • 61blntflfimi6hf88jg8uvivja
  • 31qbjke6e7jnndu9gl82kjmalr
  • _globalsign-domain-verification=poJyIOgvKkhlW7B-QIGuTchg23quABdH73shR7T2Mb
  • MS=ms21399539
  • smartsheet-site-validation=yNTEUDs7QxBqc4tcQKycTb05iwGmyQrQ
  • gh9vv8y9wk100rn6tgwwyv34p7j4nzwq
  • atlassian-domain-verification=iADjYwlYE0pDmb4eKwWuaU/JMO4UgaJQnIR1A6osNTzZuOvrjFiCVqx1itviMmgs
  • usl8tce7lj6lkcn5qupngtouvn
  • onetrust-domain-verification=f957aa0f25dc4728a84f00e816f12a28
  • 7ppuub097fec3evikb2c683f41
  • Target: 0ed1fe018a67075c82a032433cab767dbb83984516
  • s6dx5xlj7pffx23dj2q24m0k6ndqmb7r
  • gnp55027vh77mta2peprip87h6
  • dm0z51s3ry2shqnf8m13pjndz6l6vhk8
  • docusign=NA185a53-c5ed-4163-85e6-bcaaefe57d2a
  • apple-domain-verification=GG5MSEwfyGy7wZ0E
  • MS=ms45738581
  • google-site-verification=d2Nrw7qgL1LT_BVUnMT9PiPjR1-04MTBWXPCWt8hybM
  • v=spf1 a:c.spf.service-now.com a:spfa.wsp.com include:spf.protection.outlook.com include:spft1.wsp.com exists:%{i}._spf.mta.salesforce.com include:spf.eu.odmad.quest-on-demand.com include:_spf.mailgun.org -all
  • docusign=53c22f12-d5ac-4832-8ccb-1bd601976980
  • uUcJ5QM9+XvuHfDu/pj7saBZaW4ZGH06eEHw3If7HcjheBJQAgf/OPy0TmZn6uepUjRgO5g3GaWOECqkvL1opg==
  • facebook-domain-verification=9h6ykjh2ofgb1mf9la9h0xij3m5ua3
  • atlassian-domain-verification=jE/K347zix/iZPnqbdCcQF16x8gAxaxqiaBdoANafi8axy/cOX1g2sfgt0wY4Mx2
  • nJkC5wGfMJeCr9vgzJ3EYKwGWMYyyYLSMho89xf0O29uCS+LQTIef7uBn9MMiwjdTtu7LrouB7/qohlHO0/GXQ==
  • iuscfqb8kv2posh0pbepjtg89j
  • otflig1c7q0c63bh87mi0ih69t
  • e3tm6etrer4tdedec5dg4af6rq
  • google-site-verification=_2hnpRoDHo0EsPid77NGvKIGe0k2c-6EmF8yz-Dl8wo
  • 5tg93jnv02juqqs6fbtp4o9aus
  • v5jsja1us3nudhk77916md8idl
  • 4fjj3ytgkm72l1vwsn5txx84nf6ybzzx
  • P0A0R48586
  • RpYK0FSj8EmCWU0cefoP9g6MS12gbgBs34Jh+9Ab6Wos7vXiafaF1Q2b2r09P9qb8KK3mI46QgP5jWJFFq+DgQ==
  • ucdnerigg1972j4pkn34t5lg4d
  • element-sso-domain-verification=ba32acbdcea847f4e4fc4cce5d44251a
  • t2g3dfp75294a03go67sdpkdgl
  • atlassian-domain-verification=uxTtJC5QCd6UahRgY31uz/7CcOxu41E9NcUy9XMEgmo0Kea/HrNz3/aeE7pzzVYQ
  • canva-site-verification=A7TrOr_X3pX4TNced9DX6w
  • _rpxcroepqhg8rrqpt6owcvg04xhcg8x
  • v5xj8r3qjx7w1g7kg168c26p3l7nsmpp
  • google-site-verification=R-aITPSRhABuRvv5ByxuMotfl4kLCh26QEd1a9IU3ro
  • 6vn8m4ulg4o3bo3gg9228r9jk8
  • 43anunljh8ukhcnt29k3v3k92l
  • box-domain-verification=5ee7f25d2ec5151b12993db9982e27190bb5314d7e8dde95034b25f0806da88a
  • a283ok0mfld7fho6a4uaaqq11p
  • _km7d4jwh4717sznbk7ckiwgf8igtzsv
  • ec2hjhobpuaoolkm51uqd1r50d
  • eevndt9o67u6g52hvrqg15t01p
  • apple-domain-verification=HKFw87UlflVgFhs9yMAVxsXTbBcUJEjF-9ss6iaFtCo
Cloud / SaaS Services Detected
Apple Atlassian Box Microsoft 365 Miro Mailgun OneTrust DocuSign ServiceNow

Leak Screenshot:

Leak Screenshot