www.protectasecurity.pe
www.protectasecurity.pe
Group: apt73
Discovered by ransomware.live: 2024-11-23
Estimated attack date: 2024-11-18
Country:
Description:
Protecta Security provides insurance, microfinance and financial services. Internal docs, financial docs, personal info, customers' personal info. ...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 266
Third Party Employee Credentials: 68
External Attack Surface: 21
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- No emails found.
MX Records
- mx1-us1.ppe-hosted.com.
- mx2-us1.ppe-hosted.com.
TXT Records
- cuttly-verification-site-d4cff75e61dfbc23a83854f4bd554d5181f27ab2-663dd533ed
- facebook-domain-verification=xzipqw8vq43fyhpi3wpmwf07kpjhg7
- google-site-verification=LLZ4s94F9VemzLcC8POE8Axpao18QT8-ZjiH0TdWBE4" "google-site-verification=yHWsp8pSzFNtCjRqgakAAWqR_SfN0JEFwRnvzXRZaZk" "atlassian-domain-verification=69gQG3atWLIu5BID0c8zqEbaLayhE1ZFaGhQ4A6SmGLdLNbhKXHF50Jcy5KOajZX
- ppe-eba034a708ebbe3aad45
- v=spf1 include:amazonses.com a:dispatch-us.ppe-hosted.com ip4:54.85.227.101 ip4:190.216.170.168 include:_spf.google.com include:mailgun.org include:spf1.masivapp.com include:_spf.us.sendclean.net ~all
- MS=49466C9827837F96C1E279EF65D9D69A5E1A7DF1
- _spf-can.echoworx.com
Cloud / SaaS Services Detected
Atlassian
Amazon SES/WorkMail
Mailgun
Proofpoint Essentials
Leak Screenshot:
