Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo titlenine.com

Group: safepay

Discovered by ransomware.live: 2024-11-24

Estimated attack date: 2024-11-02

Country: US

Description:

Revenue $60.8 Million

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 37

Third Party Employee Credentials: 0

External Attack Surface: 10


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • aspmx2.googlemail.com.
  • aspmx3.googlemail.com.
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • apsmx.l.google.com.
TXT Records
  • v=spf1 a a:production.na01.titlenine.demandware.net a:staging.na01.titlenine.demandware.net a:outgoing.POD104.demandware.net include:_spf.google.com include:mailgun.org ~all include:spf.smartlabel.com include:_spf.salesforce.com ip4:166.78.69.248
  • bqsnd1xcx6wlwm7qfd5y6kqft6b63stn
  • globalsign-domain-verification=TxvcU3udakzKTnDbubA19wNKSdAi7u0-_xppPLKFsA
  • MS=ms34303256
  • pcqgu66n6uptq6ub7sebesssnm
Cloud / SaaS Services Detected
Microsoft 365 Salesforce Mailgun