Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks


Group Play
Discovered 2023-09-18 20:45 UTC
Est. attack date 2023-09-18
Country US

Description:

Arizona, United States

Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 10

Third Party Employee Credentials: 1


External Attack Surface: 1


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • trustandsafetysupport.aws.com
  • 8a1694d7082eacfb5c94fbe9ad9cc6f27bc508f14b96e6ff198b1b627c9a0eb9rtafleet.com.whoisproxy.org
  • 8a1694d7082eacfb5c94fbe9ad9cc6f20deacf364551d3f76890b3a26ccea644rtafleet.com.whoisproxy.org
  • 8a1694d7082eacfb5c94fbe9ad9cc6f22747c55847d8f233014fa9b9bde50922rtafleet.com.whoisproxy.org
  • 8a1694d7082eacfb5c94fbe9ad9cc6f2f3ef62c08298b567ccdf6eeba7674d12rtafleet.com.whoisproxy.org
MX Records
  • rtafleet-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • anthropic-domain-verification-gv6zr4=JLtKa4KDXO4WXFWyM0MtMRJcv
  • apple-domain-verification=yA39qS8rfeS9nC8D
  • firebase=xerifleet
  • google-site-verification=KKIGPxoB9El8NTAy6oarROjx7j8MenEOITCsJZNfBQc
  • google-site-verification=Lnzzf5rL48i8NqkJJOguu7BXUow2BzRvdeJRGWBBJs0
  • google-site-verification=_z2ltKr940s1QWGnqrLovjdK_G-WgeWi3xYz_vKxxvQ
  • stripe-verification=33f04b2d3ab2ce1bcdf05d73ac6e54ce2b4d4061029040ff37970dac0ff82cae
  • v=spf1 include:_spf.rtafleet_com._d.easydmarc.pro ~all
  • ZOOM_verify_IdDMccr63TSKQPOc64MpGK
Cloud / SaaS Services Detected
Apple Stripe Anthropic Zoom

Leak Screenshot:

Leak Screenshot