Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

prodrive.com

prodrive.com

Group: Blackbasta

Discovered by ransomware.live: 2024-03-27

Estimated attack date: 2024-03-07

Country: US

Description:

Prodrive is a world leading motorsport and advanced technology business. Our business and culture is founded in motorsport but today we also help businesses in the automotive, aerospace, marine and other sectors create innovative engineering solutions which realise their ambitions.SITE: www.prodrive.com Address : Prodrive Holdings Limited Banbury, Oxfordshire OX16 4XD, UKALL DATA SIZE: ~900gb 1. Holding & Corporate data 2. Financial data 3. Projects, R&D data (new, current and old) 4. Users personal data & etc…
Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 0

Third Party Employee Credentials: 0

External Attack Surface: 2


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse@register.it
  • whoiscontact@names.co.uk
MX Records
  • eu-smtp-inbound-2.mimecast.com.
  • eu-smtp-inbound-1.mimecast.com.
TXT Records
  • iSh/E8vgts2RgvGXySC1IDRJ3sJViAYQ3a+MmPJfbU0qJmnr0O8CC0NPZWaYxewHY6b9IkQ3FDYUeXE5vaI2EA==
  • google-site-verification=rB6k8SniZM2qLS80UI8y7KOUMgZFwdyROJ-4oxfAXIo
  • docusign=aab41f72-292a-4d06-a2cf-9764f7cd2bcf
  • a5vbbca9inojsec08kcbdbpp83
  • mistral-domain-verification=11f1de72cbf4df7fc190ca98172c96424e7f1f26
  • cm0kn1smlp9pjkii3ls8mn7del
  • Z68RF54EP2
  • access-domain-verification=5823a63675dfd40c8addb006d05d8d6e938e63afc9aae63920c902c49afa4784
  • ers3POSIgiJdY+GRIj+PQDX9WarrYBm9grwnJ6ZhV3lvZSMLAJOSxdYEwKnn9iotMtCj51UT9uZbkG12FyaAAg==
  • 12o492rqtp01j9ef6isc8ajog2
  • Sendinblue-code:195aa7d5e71961d52afe0e8f835db6b0
  • obhlloq10b62ucbm5hvn56ub8b
  • og0g5cjcumbb0ol1b8q499qlh2
  • tljpj0fbh24riqqtoakk7uc221
  • eir4vatwmAzJHMIqC0Hzwx5lZGFvitnMMGP7I+5tHaHgH8pXBOOzDopW1At9GmWinC6VyMuouMBdZrJedcvmOg==
  • 248d583b20a5afdf8fbba337fbfab5d53136bde894526b7ac5
  • XW0rXqzlLB10QpRMgUz+inEHu0L4A7dSw5BnHyVozBByLVj1Gnqp6Jqku68/TgX6paLdRFkePhse1UzPNL52nQ==
  • v=spf1 ip4:212.146.251.182 ip4:188.39.86.245 ip4:89.197.114.189 ip4:89.197.114.188 ip4:89.197.1.53 ip4:89.197.1.52 include:spf.protection.outlook.com include:eu._netblocks.mimecast.com include:spf.sendinblue.com -all
  • o5v8a10g7qhn1m961gbu5439d1
Cloud / SaaS Services Detected
Sendinblue Mimecast DocuSign

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.