unitedregional.org

Group: dispossessor

Discovered by ransomware.live: 2024-04-19

Estimated attack date: 2020-06-21

Description:

unitedregional.org


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 20

Third Party Employee Credentials: 0


External Attack Surface: 7



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • unitedregional-org.mail.protection.outlook.com.
TXT Records
  • esk3u10q1aqfifefsbi8enppqo
  • xQ4HAQnT8IdoHA/djK+MK9nqIWfw5t1lHMd9w9yh+bhbsYuY4KnjynCm2YC/0A42iIj7fx2PBCkwvNUF8eoE7g==
  • e2ma-verification=oj8bb
  • cisco-ci-domain-verification=4d07a4a08380006c1f5d5a0593d47a685187d0e0b59880d4943bd0eeda4a377c
  • google-site-verification=LcltEHxTjdG85ZC6I4BAWglZN8OFOurnRSU18B7MmoU
  • v=spf1 ip4:70.245.42.118 ip4:50.31.128.116 ip4:50.31.128.4 ip4:50.31.128.113 ip4:167.89.81.19 ip4:167.89.56.105 ip4:192.254.112.14 ip4:167.89.24.206 ip4:168.245.50.250 ip4:167.89.12.7 ip4:167.89.12.78 ip4:168.245.104.174 ip4:167.89.55.124 ip4:149.72.147.186 ip4:167.89.101.239 ip4:192.140.6.70 ip4:192.140.6.242 ip4:139.60.0.0/22 ip4:168.245.40.44 ip4:142.0.180.120 ip4:167.89.99.179 ip4:20.98.2.159 ip4:52.240.209.173 ip4:20.98.33.77 ip4:20.97.70.227 ip4:40.124.2.148 ip4:52.252.238.67 include:_spf.salesforce.com include:outboundmail.blackbaud.net include:spf.protection.outlook.com include:spf_c.oraclecloud.com -all
  • canva-site-verification=30IvQrQg_0TsFYVlBOt66g
  • MS=ms76619489
Cloud / SaaS Services Detected
  • Microsoft 365
  • Oracle Cloud
  • Cisco
