-
Notifications
You must be signed in to change notification settings - Fork 24
/
2022-04-21_SocGholish-FakeUpdates
47 lines (42 loc) · 1.44 KB
/
2022-04-21_SocGholish-FakeUpdates
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
SocGholish aka FakeUpdates.
Referencia 1: (SocGholish > BLISTER > LockBit Ransomware): https://www.trendmicro.com/en_us/research/22/d/Thwarting-Loaders-From-SocGholish-to-BLISTERs-LockBit-Payload.html
Referencia 2: (Parrot TDS (Traffic Direction System)): https://decoded.avast.io/janrubin/parrot-tds-takes-over-web-servers-and-threatens-millions/
26 sitios comprometidos:
https://www.imageneseducativas.com
https://www.atavatan-turkmenistan.com
https://www.best-hentai-games.com
https://www.rastrearobjetos.com.br
https://payyourintern.com
https://koff.org.ua
https://gazeteege.com.tr
https://www.eso-cur.com
https://book-on-demand.de
https://www.stemstech.net
https://blog24.org
https://climatesamurai.com
https://www.khabaraajako.com
http://www.best-hentai-games.com
https://www.harakatuna.com
https://allthatshreds.com
https://smallthings.fr
https://www.tecnoveste.com.br
https://www.takt-magazin.de
https://topmigrant.ru
https://guardiao-ao.com
https://maslogsm.ru
https://new.meduniv.lviv.ua
https://albertjack.com
https://www.digitalcurrent.com
https://www.tripxoxo.com
11 servidores C&C activos:
https://design.lawrencetravelco.com
https://missions.chandlermethodist.org
https://energy.pomdev.com
https://1.widget.windsorbongvape.com
https://patients.brannonsmiles.com
https://doors.vipveinsaz.com
https://connect.codigodebarra.co
https://patients.brannonsmiles.com
https://rotation.ahrealestatepr.com
https://stuff.bonneltravel.com
https://matrix.2ctmedia.com