usdermpartners.com
usdermpartners.com
Group: blackbasta
Discovered by ransomware.live: 2024-07-15
Estimated attack date: 2024-06-18
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 5
Third Party Employee Credentials: 2
External Attack Surface: 2
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- d170179b.ess.barracudanetworks.com.
- d170179a.ess.barracudanetworks.com.
TXT Records
- apple-domain-verification=k7cilIafS-oW7oyPTlre8dzpvnYnEadi9JUXar4bmfE
- google-site-verification=Nd6jzV_d7hEwcmgMBfvJAOuP7FORDqKV-uppP75k6q0
- z4rBRevn8FOJyX0Zzn3fj338v4GtvOq3Rcs0e88gzO4=
- apple-domain-verification=KrSaRu2YSHA8spT4
- MS=ms74349021
- v=spf1 ip4:207.195.239.199 include:spf.protection.outlook.com include:spf.ess.barracudanetworks.com include:aspmx.pardot.com include:sendgrid.net include:_spf1.relatient.net -all
- bvm-site-verification=4ba4a59f75da41b8af8d97d5bce352e8d7b57dba
- ZOOM_verify_jD_69II6TCGXUCUbPOTOdQ
- amazon-business-verification=e2f9292fa4e46805577d825829d236d20d845adc8b3660594e125438dde11217
- duo_sso_verification=jhqdhmekATB7PlCyAfhiOMVFfw83nBsN0g0hwTJe6SBjoJNWQX0m7YDULm0ScLe9
Cloud / SaaS Services Detected
Apple
Microsoft 365
SendGrid
Cisco Duo
Zoom
Leak Screenshot:
