Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks


Group Play
Discovered 2024-06-23 21:17 UTC
Est. attack date 2024-06-10
Country US

Description:

United States

Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 0

Third Party Employee Credentials: 24


External Attack Surface: 2


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • trustandsafetysupport.aws.com
  • 4462dc45d707bcafee97828eed298e9344e19f84d4f2366c37691c4e555d0077belletire.com.whoisproxy.org
  • 4462dc45d707bcafee97828eed298e93c8cf69a7987729c6bbe23a43c8b3f950belletire.com.whoisproxy.org
  • 4462dc45d707bcafee97828eed298e933b567b6b419f2e087b3c8ba0f72e7ce2belletire.com.whoisproxy.org
  • 4462dc45d707bcafee97828eed298e938c281ca108d65c82c18ceeb681e069eebelletire.com.whoisproxy.org
MX Records
  • belletire-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • 00D5e000000IgEh=1TBS600000005Nu
  • 00D5e000000IgEh=1TBS60000000DEz
  • MS=E58B0C86974613BA19CEDFE6F3151ABCFB4F866E
  • anthropic-domain-verification-2c8ybk=dlc6TFoLVV0WQSIHDx4UuaGBT
  • atlassian-domain-verification=jpthlraVfADTUScQ76gmakRWLMigReekFCxFw4xPh6asspA2hMcGUdmcaAa6ZmaX
  • cursor-domain-verification-smz704=RqNW2JiybHvi1WYWggJXmG7j2
  • duo_sso_verification=FWQ6f38RksOQnueyLIMGkefZQO94EsEHCiJOEbEzCuFsTDpc9qdgRy3dF62bqyjT
  • facebook-domain-verification=yjjnxl99xshjtkljg8echx7gbm48v6
  • v=spf1 include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all
Cloud / SaaS Services Detected
Atlassian Anthropic Cisco Duo

Leak Screenshot:

Leak Screenshot