Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Meridian Cooperative

meridian.coop/
Group Blackbyte
Discovered 2023-10-04 22:07 UTC
Est. attack date 2023-10-04

Description:

Meridian Cooperative is the only enterprise solution that delivers flexible leading-edge software, services, and technology to utility providers across the country. With solutions ranging from consumer billing and finance to IT, GIS, advanced analytics, cybersecurity, and operations, our enterprise suite provides the tools utilities need to manage business from the office to the field efficiently and securely.
Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 1

External Attack Surface: 7

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • violettadomains.coop
MX Records
  • meridian-coop.mail.protection.outlook.com. Microsoft 365
TXT Records
  • atlassian-domain-verification=Cde4BboaBEGKz8eHHMgWFCafCdA4Py94a4XQzmbrlY2E/MzqXrXlr1vqkP1OjREc
  • MS=BF6326FD0969286F7EEAEE0422FC73D706B0AC62
  • google-site-verification=Hqa8n1h_0a55XLw8HfHiT_wIxOisGVlUO7WFwl-i1jw
  • apple-domain-verification=2hTCUdYwt099jpWB
  • apple-domain-verification-Li2sJ4iCtKjMoZSZ
  • google-site-verification=PDJH409r5ooOq3rj0XZoRiyRdC01bkj4avQOCc437eA
  • v=spf1 mx include:docebosaas.com ip4:174.46.97.0/24 ip4:67.28.124.0/24 ip4:159.63.146.160/27 ip4:40.143.4.208 include:5034707.spf10.hubspotemail.net include:spf.protection.outlook.com ~all
  • google-site-verification=Md9pscD7pGW7M5J0PFnj6WfbhwYy68FTh_4JyK8E3rw
  • apple-domain-verification-8zfngzAr5aRuoQUQ
  • zfhj8fbk8l9c1chwblrqdf53ycx8j6df
  • duo_sso_verification=uTo4k7ZpGyFpKrTlPSZVpd0f6tBRgLFfCGAmfgFKC8BiyPi4pf7AiYiYvpyU53n3
  • MS=ms74080055
  • anthropic-domain-verification-xxe4mm=3QMD08lP0my3Y3KSIbZlXsDEM
  • twilio-domain-verification=a3ad5118739fff4e2fae042ac5e3fb40
  • openai-domain-verification=dv-04Ea5b179Fa3fhasDSc6yMNH
  • google-site-verification=sQMEIQWmW5439eCoTmkSXVed2Vts4yBXibfE_bIHBDE
  • knowbe4-site-verification=4edfb8befa4a797bf3a1a2651094084d
  • atlassian-domain-verification=axRAsVdGiE8KdmLysD/Uqp0Zobbbl1G9Hc9N88c8aNePQxl20Kd36ePX9QCZ1ZEA
Cloud / SaaS Services Detected
Apple Atlassian HubSpot Microsoft 365 Anthropic OpenIA KnowBe4 Twilio Cisco Duo

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.