Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

thorntontomasetti.com

thorntontomasetti.com

Discovered 2022-12-02 11:06 UTC
Est. attack date 2022-12-02

Infostealer activity detected by HudsonRock

Compromised Employees: 10

Compromised Users: 302

Third Party Employee Credentials: 11


External Attack Surface: 19


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusegodaddy.com
MX Records
  • mxb-005b9802.gslb.pphosted.com. Proofpoint
  • mxa-005b9802.gslb.pphosted.com. Proofpoint
TXT Records
  • miro-verification=7d741a0d5499364806c414a4f4befc1545f0f233
  • mongodb-site-verification=zToWsZDKhpb0Xyk0bXrFiN50oXdqLtM8
  • v=spf1 ip4:64.157.153.144 ip4:12.151.76.6 ip4:148.139.3.2 ip4:167.89.11.197 include:spf.protection.outlook.com include:spf-005b9802.pphosted.com mx -all
  • MS=ms62230083
  • 57d5c976109a6006efa866d37568a46a25619c0a
  • adobe-idp-site-verification=7410c4a4-85e8-4a48-b18a-d3029d73190b
Cloud / SaaS Services Detected
Adobe Microsoft 365 Miro Proofpoint