Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

climatech.com

climatech.com

Group: Blackbasta

Discovered by ransomware.live: 2024-02-22

Estimated attack date: 2024-02-09

Country: US

Description:

Commercial / Residential HVAC provider Climatech Inc, is a large full-service mechanical contracting company serving customers in both Pittsburgh, PA and Tampa, FL. Over the past 40 years we have grown into one of the largest contractors for heating, ventilation, air conditioning and refrigeration in Pittsburgh, which is directly attributable to our attitude in providing the highest level of quality in all that we do.SITE: www.climatech.com Address : Climatech, Inc. 200 Bilmar Dr Pittsburgh, PA 15205 412-921-8000ALL DATA SIZE: ~550gb 1. Employees folders and documents 2. Human resources 3. Accounting and finance data 4. Payroll and etc…

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@omnis.com
MX Records
  • mx1-us1.ppe-hosted.com.
  • mx2-us1.ppe-hosted.com.
TXT Records
  • MS=ms29525769
  • duo_sso_verification=gufr4y6R4cUWmuLFLo0amnjUgwH9eMJ7nQPS8PwMlh0IpOOMJNUM9YoExZmL7Jac
  • v=spf1 a:dispatch1-us1.ppe-hosted.com ip4:67.231.154.162/32 ip4:148.163.129.50/32 ip4:148.163.129.51/32 ip4:67.231.154.163/32 include:dispatch1-us1.ppe-hosted.com ?all include:spf.protection.outlook.com -all
  • MS=065988695BD3E7C932C41D97EE16FA6BB7F8373F
Cloud / SaaS Services Detected
Microsoft 365 Cisco Duo Proofpoint Essentials

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.