Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks


Group Hunters
Discovered 2024-02-17 07:40 UTC
Est. attack date 2024-02-17
Country US

Description:

Country : United States of America - Exfiltraded data : yes - Encrypted data : yes

Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 22

Third Party Employee Credentials: 9


External Attack Surface: 17


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • a386d29f4747d7c7f1d87398f82b9b9afbb519d95e5e3d9352fd67232a6a3584psi.org.whoisproxy.org
  • trustandsafetysupport.aws.com
  • a386d29f4747d7c7f1d87398f82b9b9ac456490a10dfd2ac4c6ad9fbc98d4593psi.org.whoisproxy.org
  • a386d29f4747d7c7f1d87398f82b9b9a48c46050134f88cf2ea47a77611fe028psi.org.whoisproxy.org
  • a386d29f4747d7c7f1d87398f82b9b9ac5330c9afde2939dacfb9d1ee1915e47psi.org.whoisproxy.org
MX Records
  • psi-org.mail.protection.outlook.com. Microsoft 365
TXT Records
  • anthropic-domain-verification-8mczeh=AdJOtp7mvFhCZ6g3g4FLVNDB4
  • google-site-verification=_S83kN_gd3c4sA3PgvyDJXObJb4bbwzI31KhHSFneW8
  • pardot857593=44c6ae8894524a4fbe4e83b9eddffb06f7e94efb2715291bc1bbdbc9a163384b
  • pardot857593=a9999efeaa610e0f9f7479120552b82b15c98d9fd3bc737bea1d23be57052898
  • pardot_320231_*=a3668f3
  • v=spf1 include:spf.protection.outlook.com include:aspmx.pardot.com include:_spf.salesforce.com ip4:216.200.96.210 -all
  • 00D2E0000012gTu=1TBUu00000000JN
  • 00DA0000000H71D=1TBPC000000012X
Cloud / SaaS Services Detected
Salesforce Anthropic

Leak Screenshot:

Leak Screenshot