Ransomware.live Victim: totto.com

Buy Me a Coffee

Sponsored by Hudson Rock – Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

totto.com

Group: lockbit3

Discovered by ransomware.live: 2024-05-09

Estimated attack date: 2024-02-23

Country:

Description:

Nalsani SAS is a company with nationally-focused eCommerce activity.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 8

Compromised Users: 1679

Third Party Employee Credentials: 16

External Attack Surface: 1

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails

compliance domain-inc.net

MX Records

totto-com.mail.protection.outlook.com.

TXT Records

FIZWAN4HGWOITAATGFJFFNG7QCQ6XU1AT2ANLT4G
uo8mpqt2iec6mavjuuhf629feg
google-site-verification=TvZr8iO8RoJXHhuWWVF120Ky6YotuLw7dYqO8p3Gak4
MS=ms59042775
v=spf1 ip4:190.216.154.214 ip4:190.60.75.244 include:spf.protection.outlook.com include:spf.mandrillapp.com include:mailgun.org ~all
7dhsfta9nt945v4kvensd63pne
h0vata2uv689kghben4k2h5oq4
fe8b0v2aodhd2np4fovogt4653
8eejdnlt3jq2133vngu230ss1u
Uo8jh0bmb8ia5j831gsv3ri88l
facebook-domain-verification=1hxtqgz4tericvpkocvz5lb04bsnss
sophos-domain-verification=da5c019e1ef0c45f5f22266c8c25ac25a32ff1ab8bed3c1d2759193fe3787be4

Cloud / SaaS Services Detected

Microsoft 365 Mailgun Mandrill Sophos

Leak Screenshot:

Leak Screenshot