Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Hawkeye Area Community Action Program, Inc

hacap.org

Group: Blacksuit

Discovered by ransomware.live: 2023-11-01

Estimated attack date: 2023-11-01

Description:

Hawkeye Area Community Action Program, Inc. (HACAP) began service for Linn County in 1965, following the enactment of the Economic Opportunity Act of 1964. This act provided for the development of community action programs that provide: "services, assistance, and other activities...to give promise of progress toward elimination of poverty." (EOA of 1964, Sec. 202a). This federal law provided for community-based efforts to minimize the negative impacts of low-wage incomes upon families and the community overall.

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@godaddy.com
MX Records
  • hacap-org.mail.protection.outlook.com.
TXT Records
  • k0WZcP67+N6V7LKjhy+k64M+EyMTw9ksFH0E6jsLoNanVY+4xnEpNqXJKUuzeyd5YQA92F0BFuxRe/DWn/Pj2A==
  • v=spf1 include:spf.protection.outlook.com include:spf.emailsignatures365.com include:spf.constantcontact.com ip4:192.199.183.0/28 ip4:97.64.204.112/28 ip4:199.189.229.211 ip4:199.189.229.59 ip4:192.154.15.241 ip4:207.191.194.41 ip4:207.191.192.35 ip4:192." "199.183.83 ip4:72.255.105.162 ip4:207.191.202.143 ip4:162.253.47.41 ip4:192.95.125.132 ip4:207.191.202.235 ip4:192.199.182.249 ip4:74.84.90.190 ip4:192.119.246.98 ip4:170.178.227.21 ip4:207.191.202.43 ip4:63.142.33.158 ip4:74.84.123.66 ip4:162.253.44.59 i" "p4:66.102.208.207 ip4:206.226.65.165 ip4:207.191.206.77 ip4:198.40.248.86 ip4:198.40.248.126 ip4:108.166.129.142 ip4:45.59.13.222 include:spf.zohomail360.com include:_spf.psm.knowbe4.com -all
  • google-site-verification=yTcm9AGkGT2fMz2L3eB23cXXJ0vmu0U51HaEitzNgK4
  • MS=ms41949660
Cloud / SaaS Services Detected
Microsoft 365 KnowBe4

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.