Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

andesaservices.com

andesaservices.com

Discovered 2024-04-19 11:30 UTC
Est. attack date 2023-08-27
Duplicate Entry
This victim has been identified as a duplicate of another entry in our database. However, this may not always be the case: the same organization can be targeted multiple times by the same or different ransomware groups, which may result in separate legitimate entries. Search for related entries

Description:

andesaservices.com

Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 1


External Attack Surface: 0


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusegodaddy.com
MX Records
  • andesaservices-com.mail.eo.outlook.com. Microsoft 365
TXT Records
  • atlassian-domain-verification=IhP05WDuFs6PWHS4zYAkdKDXRM8U3NagmIF/F3M4Ru6Tx5CjYBkj3TlRzdZY4jsv
  • box-domain-verification=a00a17738055396528bbd6790da61ecbc3c378011b71969500d6ff3a3def1fc2
  • MS=4D1C98D57EB7E5948F2794A6D42EE2C89DD49BF3
  • anthropic-domain-verification-pq61zq=zQPhVojXHw8EwADCX9smyNi2N
  • ms-domain-verification=677d850f-73a6-4b49-9912-d6a5194fcbb7
  • google-site-verification=L80iBQLGQhk7DpNaynDL9jSMyM-5VLOz93h7uNlYeGs
  • v=spf1 mx include:spf.protection.outlook.com include:relay1.weblinkinternational.com include:service.andesaservices.com ip4:40.143.136.220 ip4:52.70.50.186 -all
  • MS=ms70203675
Cloud / SaaS Services Detected
Atlassian Microsoft 365 Box Anthropic

Leak Screenshot:

Leak Screenshot