Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

MULTIPLAN.COM

MULTIPLAN.COM

Group Clop
Discovered 2023-03-30 19:12 UTC
Est. attack date 2023-03-30

Infostealer activity detected by HudsonRock

Compromised Employees: 2

Compromised Users: 353

Third Party Employee Credentials: 2


External Attack Surface: 32


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operationsweb.com
MX Records
  • mxb-00233801.gslb.pphosted.com. Proofpoint
  • mxa-00233801.gslb.pphosted.com. Proofpoint
TXT Records
  • apple-domain-verification=v51iYl54uG4m7EYh
  • jamf-site-verification=C8pP_Q4DfgvAwu1hEKyyDw
  • v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
  • asv=441f64554baa3918e25234e8fa43ba50
  • _inptfgf6dvqdnwkpwoe5h7ck0cei08o
  • miro-verification=6594a10f0f6faa97305c191a870702866cdbcf90
  • sophos-domain-verification=189fbe3efb708f62abcff56b55a96b012319aed11014f7428b5036037460ea72
  • figma-domain-verification=6e943a69871566dc08818843eecf7733308aa86937ec9d7601a985bb3d4a377e-1722076571
  • google-site-verification=2Nlwh6mBFKfUQRdTD-Fi_1MNp0znR_drumazeG2KCo0
  • atlassian-domain-verification=QHC45FViwK3du3t/oLGzTQaNSEj46hDTcJ109ZDazMgeI2BAt2cIzcb/HCwHSIDS
  • asv=6685d9dc684acc9eda9c3326de00fb92
  • docusign=b964fc51-b29b-4d0f-91d6-957a3112b6dd
  • knowbe4-site-verification=610109efba80a12891ce5e62bd2c7117
  • cisco-ci-domain-verification=2f447ddf3375ff73657120d6c656354d51bf0defa6e76cea191a9edd89387721
  • docusign=3973210d-7f08-42a2-b71c-32b82ecd9f07
  • flexera-domain-verification-nqgjdrplaedwwwcq
  • _i2aa4ilm2frhiblro63snhwjb59pylg
  • _02wrvd38qbj9zeua0ylcb8jyxoehzzd
  • adobe-idp-site-verification=9f6f2f2587d4ac383cfa2f939230c8b7187120df3901035aebc392cbacc46ff0
  • openai-domain-verification=dv-L9b3Pz4rihfzdprTKHZH8Bg2
  • MS=ms59612484
  • flexera-domain-verification-enguwjaedoiosdim
  • atlassian-sending-domain-verification=3fa4a9ef-bded-4045-a539-f4995c5e9423
  • IifD6c2zBLXGOaqL+YOBhSm1e2gYI8NSiHq7ipeDz1hDZtpeX57HR125Vm3B+4aoAUevZAPa6ElspbVX1+ew4A==
Cloud / SaaS Services Detected
Adobe Apple Atlassian Microsoft 365 OpenIA Miro Flexera JamF KnowBe4 Cisco DocuSign Proofpoint Sophos

Leak Screenshot:

Leak Screenshot