Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Webber International University

webber.edu/

Group: Ransomhouse

Discovered by ransomware.live: 2024-02-26

Estimated attack date: 2024-01-20

Country: US

Description:

We have been recognized by the Princeton Review as one of “America’s Best Value Colleges” and a “Best in the Southeast” school. Established in 1927 as one of the first business schools for women in the nation, Webber now hosts men and women from over 48 different nations. Established in 1896 as Flora Macdonald College, St. Andrews University (a branch of Webber International University, formerly known as St. Andrews Presbyterian College) joined the Webber International University family during the summer of 2011. A traditional Liberal Arts university, students at St. Andrews major in a wide variety of fields. Each Webber campus is a traditional residential campus and features a wide array of extra-curricular activities. While most of our students are traditional undergraduates who attend classes in person, all day, play their sport all afternoon and retire to our dorms for the evening, we also offer accelerated adult completion, evening MBA, and completely online degrees. We are a results-oriented organization that expects people to meet their goals and understand that this requires hard work. However, we are a collegial, friendly workplace. We have an open-door policy. We know each other. We know our students
Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 9

Third Party Employee Credentials: 3

External Attack Surface: 3


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • webber-edu.mail.protection.outlook.com.
TXT Records
  • facebook-domain-verification=bar3bwm1gun6og8p5hhw87vo4rej80
  • r47rdldmvq6r1cy486h8cyl7v2jn60n9
  • v=spf1 include:spf.happyfox.com include:spf-sites.us.w3pcloud.com include:spf.protection.outlook.com ip4:198.21.5.85 ip4:4.71.8.194 ip4:216.27.20.130 ip4:216.27.20.140 ip4:216.27.20.141 ip4:216.27.20.142 " "ip4:167.89.101.146 ip4:167.89.101.149 ip4:167.89.60.152 ip4:167.89.89.156 ip4:192.237.158.52 ip4:192.237.159.131 ip4:192.237.159.132 ip4:192.237.159.133 ip4:204.75.142.249 ip4:1.123.12.123 include:sendgrid.net -all
Cloud / SaaS Services Detected
SendGrid

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.