rcschools.net

Group: Blacksuit

Discovered by ransomware.live: 2024-10-19

Estimated attack date: 2024-10-19

Country: US

Description:

RCSchools.net represents Rutherford County Schools, a public school district in Tennessee. The district serves a diverse student population, providing education from pre-kindergarten through 12th grade. It emphasizes academic excellence, innovative teaching, and community involvement. The district offers various programs, including advanced academics, arts, and athletics, to support student development and success.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 194

Third Party Employee Credentials: 148


External Attack Surface: 6



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • mx2.hc3644-40.iphmx.com.
  • mxa-00a32701.gslb.pphosted.com.
  • mxb-00a32701.gslb.pphosted.com.
  • mx1.hc3644-40.iphmx.com.
TXT Records
  • apple-domain-verification=4JEg5aXlrrTIV0hY
  • adobe-idp-site-verification=d9ab35ccef20b80bc206c07043070d05d19d136a1ff8aad4f1c8928ef10cb92e
  • google-site-verification=u318UQj_f_LCrKGqoMlmJYm_enJt-wpYFwr-vTTzKXk
  • ZOOM_verify_eSM3JLVyRwSiC-62tqGFRQ
  • v=spf1 mx a exists:%{i}.spf.hc3644-40.iphmx.com ip4:66.4.14.50 ip4:66.4.14.60 include:spf.protection.outlook.com include:spf-00a32701.pphosted.com include:notifications.issuetrak.com include:customerspf.schoolmessenger.com ip4:199.36.164.0/22 ~all
  • MS=ms22662606
  • autodesk-domain-verification=AAwFueyKNSVAE8S8HrCA
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Microsoft 365
  • Autodesk
  • Proofpoint
  • Zoom
