Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo trugreen.com

Group: blackbasta

Discovered by ransomware.live: 2024-05-21

Estimated attack date: 2024-05-03

Country: US

Description:

TruGreen is a full-service lawn care provider focused on delivering high-quality, tailored solutions to both residential and commercial customers.SITE: www.trugreen.com Address : 1790 Kirby Parkway Forum II Suite 300 Memphis, TN 38138 USAALL DATA SIZE: ≈850gb 1. Corporate data 2. Personal users data 3. Payroll, financial & etc…

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 25

Compromised Users: 887

Third Party Employee Credentials: 4

External Attack Surface: 7


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • smtp-3.truadm.gmis.att.net.
  • smtp-2.truadm.gmis.att.net.
  • smtp-1.truadm.gmis.att.net.
TXT Records
  • 5aq0fpk574v5gjirmhvfp41f6a
  • v=spf1 a ip4:207.166.92.11 ip4:207.166.95.11 ip4:207.166.101.207 ip4:207.166.104.207 ip4:208.115.113.186 ip4:208.115.96.41 a:mail.securenotifier.com a:mail2.securenotifier.com include:cvent.com include:spf.protection.outlook.com ~all
  • facebook-domain-verification=qjvm82vrw3jv3elgpdu6aytvvu67z7
  • google-site-verification=oC-7AMOJjlfAT4N70hH9mJ00U2Ypn8kewhKFc6OuFvs
  • google-site-verification=2xI99Otc8ahKohzOJtwaYUZD2JDoUcBq8Scgq-j55UU
  • d365mktkey=3wc446glt10aso5hgj0voluia
  • d365mktkey=56a7f3dlevehfcgu37x3ruvc8
  • d365mktkey=3ft9d4ga4m0bfox3yod8ham14
  • pmrkgjcgp1h8j1avbr9duv92gu
  • 5LAESQ5KV7M5829TPI8D2O2QHP
  • af8h1u5j5scj5r7roo27pjn73b
  • qo6horcb6vleqe44fk9of0pm0g
  • d365mktkey=z18eb16cz11cek76a2966i76
  • l9gkqtirjft63qk0u51toe3hb
  • _globalsign-domain-verification=yykX0BEfZyNaTQIOQm-yPH9zT0bzt7ugvs4O3pj0Iy
  • d365mktkey=5g8skikg66h3pdrfcs0loyyj0
  • ucsgncql1a5ibm74q0c7l57ag
  • 5mdu6436crfns2b3ieijn8f732
  • E11950AB36378BF2346EE8093A0B1F4F841E4467F04F6C67C40373B9F3E2B288
  • vr2kfitel01hbkgne0fsk0goah
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot