www.legilog.fr
www.legilog.fr
Group: apt73
Discovered by ransomware.live: 2024-10-29
Estimated attack date: 2024-10-08
Country:
Description:
Management software for culture, businesses, religion and bishoprics. 10 GBs crm systems / export files and backups / personal data
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 13
Third Party Employee Credentials: 1
External Attack Surface: 5
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- support ovh.net
- tjnwmssnnxmpb5mj8g4n h.o-w-o.info
- 5kx096zg0bggi6sktcwd m.o-w-o.info
- tech ovh.net
MX Records
- legilog-fr.mail.protection.outlook.com.
TXT Records
- _globalsign-domain-verification=auKNj-9O14OgLnr0e5bm1gkeb4hrUwu-RfgUtNkaUL
- MS=ms46671311
- brevo-code:50c05aff56feae940097bf438f2f2595
- v=spf1 include:spf.mailjet.com include:_spf.eu.sparkpostmail.com include:spf.protection.outlook.com -all
- google-site-verification=0TeM_DROeJXap6bVLUlLM3ItUSWQ2p0oW6DkDEOjgUs
- _globalsign-domain-verification=ps62YeKJmuhjCIGHrQevjy_vhn36581kVpIWWIKgzq
- _globalsign-domain-verification=yYB4YnLrBwW6xe8or8h04I6dwjIBl3txk8m0txJ8j8
- _globalsign-domain-verification=UbPAv9xGqaCep8Rh_vkDOTyp97fBuI-bacegfPkfim
Cloud / SaaS Services Detected
Microsoft 365
Mailjet
Leak Screenshot:
