Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Simpson Strong-Tie

strongtie.com
Group Blackbasta
Discovered 2023-10-21 18:59 UTC
Est. attack date 2023-10-10
Country US

Description:

Simpson Strong-Tie is the world leader in structural engineering solutions and deeply dedicated to a mission of helping people design and build safer, stronger structures. For more than 60 years, Simpson Strong-Tie has dedicated itself to creating structural solutions and technology to help people construct safer, stronger homes and buildings. Considered an industry leader in structural systems research, testing and innovation, Simpson Strong-Tie works closely with construction professionals to provide code-listed, field-tested products and value-engineered solutions. Our engineered products and solutions are recognized for helping structures resist high winds, hurricanes and seismic forces. They include structural connectors, fasteners, fastening systems, lateral-force-resisting systems, anchors, software solutions, and product solutions for repairing, protecting and strengthening concrete. From product development and testing to training and engineering and field support, Simpson Strong-Tie is committed to helping customers succeed.SITE: www.strongtie.com Address 5956 W. Las Positas Blvd *Pleasanton, Ca 94588 * United States
Infostealer activity detected by HudsonRock

Compromised Employees: 19

Compromised Users: 355

Third Party Employee Credentials: 31

External Attack Surface: 63

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • infodomain-contact.org
  • abuse1api.net
MX Records
  • mx.us.email.fireeyecloud.com.
  • strongtie-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • adobe-idp-site-verification=58b475164922730f3e9105a66d7887a8581705561c3e73ec2cf0798a8ff011df
  • atlassian-domain-verification=rusYqoxXxu2isqPsPocjjxntgZ9USwXEhQzxGc6fjVWgSpz1veyqsR/a422bEQSa
  • prowly-verification=4ce420378c10fdb34737bbc402518e6694352601028bd07b556c354b385a766e
  • postman-domain-verification=c56dff0582717ab6768fb811523aa06c6dea048ac08c0851e35189097fb2d627f8172bcb7f49a137f89348ff5bb6774c49c955aa7fa575c460edb436064cfde1
  • onetrust-domain-verification=7687fe0b76044024b0228b7ac820e1c4
  • google-site-verification=tv7ySi4MjX80lnfgJfvziBj9RLqPFTKFVwGiYctdPcs
  • v=spf1 redirect=strongtie.com.hosted.spf-report.com
  • logmein-verification-code=eeb36911-3f50-4c1d-be1c-e8c5f449d56b
  • apple-domain-verification=xcvL8QCqANOxeSbq
  • adobe-sign-verification=5f837045c905852c71f843f4e5074d6b
Cloud / SaaS Services Detected
Adobe Apple Atlassian LogMeIn OneTrust

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.