Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

marcopolohotels.com

marcopolohotels.com

Discovered 2022-09-07 10:56 UTC
Est. attack date 2022-09-07

Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 76

Third Party Employee Credentials: 13


External Attack Surface: 16


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • cshuyi.cn
MX Records
  • marcopolohotels-com.mail.eo.outlook.com. Microsoft 365
TXT Records
  • sophos-domain-verification=983ab7ba21c337450f0e7533d2dc1d368f91ff7cd9bc01d74d1df500f84b3835
  • _globalsign-domain-verification=zkyB5C1cq-PiUv2uR0BxA5ebSSkMp0sO5ji-5EdgOf
  • v=spf1 include:spf.synxis.com include:spf.protection.outlook.com include:spf.mandrillapp.com include:203790.rshk.info ~all
  • 8r6nr2kddorao6aano5gccnvpf
  • sophos-domain-verification=a38d7a78f00a6f18e7774860954dadb6d39fbf604442f29927d543d010f8e81c
  • sophos-domain-verification=21311e6c050e0218309f083d21d596ece7e04c470c3bbd7d0a8ed2abbb65d018
  • sophos-domain-verification=872777f9f52250dfb578815d93123720ff2d966ab8e87f915cd62b8497641c17
  • sophos-domain-verification=d91e78ceb139e7031f8b00d48406226d5d9c68f11eeb0b77b71f898a5f6a4f92
  • sophos-domain-verification=790a566ada5eadf868f8c6a787f2a633a12cbb4348be685e9a171c0805533b59
  • google-site-verification=qzwsZl6wkYJwcO1mqA1vGAL2zvhsnONMS8mFTz12D3A
  • 6bwm079s1h34l01wjk22195x59srtmwc
Cloud / SaaS Services Detected
Global Sign Mandrill Sophos