### CyberHost.uk Malware and Phishing Blocklist ### URL: https://lists.cyberhost.uk/malware.txt ### Blocklist Details: https://cyberhost.uk/malware-blocklist # https://infosec.exchange/@jeromesegura/112016891193616345 # Added on: 2024-03-04 parsec-rdp.net # https://infosec.exchange/@jeromesegura/112016891193616345 # Added on: 2024-03-04 parsec-online.net # https://www.malwarebytes.com/blog/threat-intelligence/2024/02/one-year-later-rhadamanthys-is-still-dropped-via-malvertising # Added on: 2024-03-04 yogapets.xyz # https://www.malwarebytes.com/blog/threat-intelligence/2024/02/one-year-later-rhadamanthys-is-still-dropped-via-malvertising # Added on: 2024-03-04 birdarid.org # https://infosec.exchange/@jeromesegura/111614862111319350 # Added on: 2024-03-04 ads-analyze.xyz # https://infosec.exchange/@cyberamateur/111884406749085112 # Added on: 2024-03-04 telotrace.com # https://infosec.exchange/@cyberamateur/111884406749085112 # Added on: 2024-03-04 mamagoocha.com # https://infosec.exchange/@malware_traffic/112011130324706956 # Added on: 2024-03-04 www.sqjeans.com # https://spur.us/cloudrouter-911-proxy-resurrected/ # Added on: 2024-03-04 paladinvpn.com # Personal - DPD Phishing # Added on: 2024-03-04 hydris.capital # Personal - DPD Phishing # Added on: 2024-03-04 wzm.sro.mybluehost.me # https://www.recordedfuture.com/predator-spyware-operators-rebuild-multi-tier-infrastructure-target-mobile-devices # Added on: 2024-03-04 06g.co 02s.co spacsaver.info 09a.co ongsworld.com fr-monde.com lusofonia-mundo.com ladiesclubhouse.com vinho-online.com vendaswebs.com mundodenoticias.online mujmbosnoticias.com soccer-bw.com mmegi.co bw-guardian.com yo-um7.com sustanbuild.com myfawry.net jumia-egy.com suarapapua.co kejoranews.net nospam.kz olimpbets.kz vlast-news.com ztb-news.com cabinet-salyk.kz zikolo.net magnum-kz.com tickets-kz.com people-beeline.com rozavetrovv.com 2-gis.kz e-kgd.kz kapital-news.com nur-news.com astanapark.com krisha-kz.com ehudaldaa.com ulstur.co mb-ph.net buildneeds.net sportnow.news corporatebusinesssolution.net informationrank.net centent-management.net highclub.life vestinfos.net get-location.net vestinfo.org eventnews.live get-location.com vestinfo.net thintank.co fastnews.biz plinkypong.com peticaonline.com escortbabesluxo.com coazoa.com weekendcool.com qazsporttv.com pelovkin.com plastictoysworld.com tohna.net notify-service.biz copy-note.net zakorn.com walatparez.com tobupmi.com gabzmus.com msbsck.com mastershop.biz kollesa.com schedulefestival.com post-notify.info dzhabarzan.com shoxtek.com fast-notify.com clazc.com beroxe.com kroal.com rcuples.com 02s.co 06g.co 09a.co 2-gis.kz astanapark.com beroxe.com buildneeds.net bw-guardian.com cabinet-salyk.kz centent-management.net clazc.com coazoa.com copy-note.net corporatebusinesssolution.net dzhabarzan.com e-kgd.kz ehudaldaa.com escortbabesluxo.com eventnews.live fast-notify.com fastnews.biz fr-monde.com gabzmus.com get-location.com get-location.net highclub.life informationrank.net jumia-egy.com kapital-news.com kejoranews.net kollesa.com krisha-kz.com kroal.com ladiesclubhouse.com lusofonia-mundo.com magnum-kz.com mastershop.biz mb-ph.net mmegi.co msbsck.com mujmbosnoticias.com mundodenoticias.online myfawry.net nospam.kz notify-service.biz nur-news.com olimpbets.kz ongsworld.com pelovkin.com people-beeline.com peticaonline.comv plastictoysworld.com plinkypong.com post-notify.info qazsporttv.com rcuples.com rozavetrovv.com schedulefestival.com shoxtek.com soccer-bw.com spacsaver.info sportnow.news suarapapua.co sustanbuild.com thintank.co tickets-kz.com tobupmi.com tohna.net ulstur.co vendaswebs.com vestinfo.net vestinfo.org vestinfos.net vinho-online.com vlast-news.com walatparez.com weekendcool.com yo-um7.com zakorn.com zikolo.net ztb-news.com # https://infosec.exchange/@malware_traffic/112039934661788706 # Added on: 2024-03-05 muganni.com.tr # https://infosec.exchange/@jeromesegura/111614634379100609 # Added on: 2024-03-05 webvideoshareonline.com # https://cyberplace.social/@fellows/111982827400003128 # Added on: 2024-03-05 googleweblight.com # https://cyberplace.social/@fellows/111981638433498849 # Added on: 2024-03-05 exactag.com # https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html#2 # Added on: 2024-03-05 blockchain-newtech.com # https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html#2 # Added on: 2024-03-05 fasttet.com # https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html#2 # Added on: 2024-03-05 chaingrown.com # https://www.zscaler.com/blogs/security-research/android-and-windows-rats-distributed-online-meeting-lures # Added on: 2024-03-06 us06webzoomus.pro # https://www.zscaler.com/blogs/security-research/android-and-windows-rats-distributed-online-meeting-lures # Added on: 2024-03-06 online-cloudmeeting.pro # https://www.proofpoint.com/us/blog/threat-insight/ta4903-actor-spoofs-us-government-small-businesses-phishing-bec-bids # Added on: 2024-03-06 auth01-usda.com # https://www.proofpoint.com/us/blog/threat-insight/ta4903-actor-spoofs-us-government-small-businesses-phishing-bec-bids # Added on: 2024-03-06 tracking.tender-usdabids.com # https://www.proofpoint.com/us/blog/threat-insight/ta4903-actor-spoofs-us-government-small-businesses-phishing-bec-bids # Added on: 2024-03-06 shortsync.net # https://www.proofpoint.com/us/blog/threat-insight/ta4903-actor-spoofs-us-government-small-businesses-phishing-bec-bids # Added on: 2024-03-06 orga-portal.com # Personal - Royal Mail Phishing # Added on: 2024-03-08 gb-yzfsuy.top # https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-03-06-IOCs-for-Pikabot-and-Meduza-Stealer-activity.txt # Added on: 2024-03-08 yourunitedlaws.com # https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-03-06-IOCs-for-Pikabot-and-Meduza-Stealer-activity.txt # Added on: 2024-03-08 topflowersclub.com # https://masto.deoan.org/@neurovagrant/112060810347073497 # Added on: 2024-03-08 xn--vmwre-vcc.com # https://www.recordedfuture.com/russia-aligned-tag-70-targets-european-government-and-military-mail # Added on: 2024-03-09 bugiplaysec.com hitsbitsx.com ocsp-reloads.com recsecas.com # https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2024-03-07-IOCs-for-Latrodectus-and-Lumma-Stealer.txt # Added on: 2024-03-09 lufyfeo.org horaot.org aytobusesre.com popfealt.one auctiondecadecontaii.shop # https://blog.bushidotoken.net/2024/03/tracking-adversaries-uac-0050-cracking.html # Added on: 2024-03-09 davincigroup.online groupdavinci.online 8161.uk davinci-project.info # https://twitter.com/banthisguy9349/status/1766113279200337977 # Added on: 2024-03-10 nl3.deploy.sbs # https://twitter.com/banthisguy9349/status/1766113279200337977 # Added on: 2024-03-10 nl2-4.deploy.sbs # https://www.mandiant.com/resources/blog/investigating-ivanti-zero-day-exploitation # Added on: 2024-03-10 symantke.com miltonhouse.nl entraide-internationale.fr api.d-n-s.name cpanel.netbar.org clickcom.click clicko.click duorhytm.fun line-api.com areekaweb.com ehangmun.com secure-cama.com # https://www.mandiant.com/resources/blog/suspected-iranian-unc1549-targets-israel-middle-east # Added on: 2024-03-10 1stemployer.com birngthemhomenow.co.il cashcloudservices.com jupyternotebookcollections.com notebooktextcheckings.com teledyneflir.com.de vsliveagent.com xboxplayservice.com # https://www.mandiant.com/resources/blog/solana-cryptocurrency-stolen-clinksink-drainer-campaigns # Added on: 2024-03-10 ontopothers.com # https://www.mandiant.com/resources/blog/detecting-disrupting-malvertising-backdoors # Added on: 2024-03-10 www.claimprocessing.org www.treasurydept.org www.assetfinder.org gfind.org claimunclaimed.org treasurydept.org www.myunclaimedcash.org freelookup.org capitalfinders.org plano.soulcarelife.org pittsburgh.soulcarelife.org durham.soulcarelife.org mesa.halibut.sbs arlington.barracudas.sbs lugbara.top lewru.top infocatalog.pics bikeontop.shop positivereview.cloud dreamteamup.shop whatup.cloud thebesttime.buzz # https://unit42.paloaltonetworks.com/glupteba-malware-uefi-bootkit/ # Added on: 2024-03-10 snukerukeutit.org sumagulituyo.org criogetikfenbut.org lightseinsteniki.org liuliuoumumy.org # Personal - Fedex Phishing # Added on: 2024-03-10 somosllanochice.com bimadaptics.com # Personal - Phishing # Added on: 2024-03-10 lkjlkjmliopopnlkn.online pazisejhsdgygds9a.andiknova.site quintasmile.com ioupopl.andiknova.site restaurantslakw.online izakutefpaazimieyt.androvsdidonich.site confinesalk.online andiknova.site kdshfudsfhsegfuyemofdzeio.androvsdidonich.site androvsdidonich.site # https://www.zscaler.com/blogs/security-research/european-diplomats-targeted-spikedwine-wineloader # Added on: 2024-03-10 castechtools.com seeceafcleaners.co.uk passatempobasico.com.br # https://www.zscaler.com/blogs/security-research/zloader-no-longer-silent-night # Added on: 2024-03-10 adslstickerhi.world adslstickerni.world dem.businessdeep.com # https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/ # Added on: 2024-03-11 mailchimp-addons.com allsecurehosting.com dev-clientservice.com oncloud-analytics.com cloudflareaddons.com textsmsonline.com proreceive.com # Temp Block Compromised Servers - https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/ # Added on: 2024-03-11 www.fernandestechnical.com biondocenere.com www.miltonhouse.nl theroots.in # https://www.trendmicro.com/en_us/research/24/c/unveiling-earth-kapre-aka-redcurls-cyberespionage-tactics-with-t.html # Added on: 2024-03-11 preston.melaniebest.com preslive.cn.alphastoned.pro unipreg.tumsun.com # https://bird.makeup/users/bushidotoken/statuses/1767155931274432761 # Added on: 2024-03-11 microsotfi.com # https://www.welivesecurity.com/en/eset-research/evasive-panda-leverages-monlam-festival-target-tibetans/ # Added on: 2024-03-12 tibetpost.net www.monlamit.com update.devicebug.com # https://asec.ahnlab.com/en/62853/ # Added on: 2024-03-12 blamefade.com.br thinkforce.com.br # Personal Research based of this 404 post: https://www.404media.co/sydney-sweeney-leak-malware-is-all-over-twitter/ # Added on: 2024-03-12 thaudray.com adblocking-available.xyz worldfreshjournal.com download-available.xyz abmismagiusom.com ptugnoaw.net # Personal Additional Research # Added on: 2024-03-12 greenorbitly.com coogoanu.net # Temp Block - Compromised sites https://www.malwarebytes.com/blog/threat-intelligence/2024/03/fakebat-delivered-via-several-active-malvertising-campaigns # Added on: 2024-03-13 cecar.com.ar estiloplus.tur.ar # https://www.malwarebytes.com/blog/threat-intelligence/2024/03/fakebat-delivered-via-several-active-malvertising-campaigns # Added on: 2024-03-13 obs-software.cc bandi-cam.cc breavas.app open-project.org onenote-download.com epicgames-store.org blcnder.org bezynet.com bezynet.com church-notes.com church-notes.com church-notes.com ads-pill.xyz ads-pill.top ads-tooth.top ads-analyze.top # Personal - Royal Mail Phishing # Added on: 2024-03-13 royalmaill.net # https://medium.com/walmartglobaltech/icedid-gets-loaded-af073b7b6d39 # Added on: 2024-03-13 fasestarkalim.com aplihartom.com wikistarhmania.com drendormedia.com # https://www.fortinet.com/blog/threat-research/vcurms-a-simple-and-functional-weapon # Added on: 2024-03-13 bankofindustry.s3.us-east-2.amazonaws.com riseappbucket.s3.ap-southeast-1.amazonaws.com ofornta.ddns.net jbfrost.live backinghof.ddns.net # https://blog.talosintelligence.com/threat-actors-leveraging-document-publishing-sites/ # Added on: 2024-03-14 aerospace-atlas.online atlas-aerspace.online atlas-aerspace.com mvnwsenterprise.top onedrivesmncs.top onedrivemwsamc.top 347nsm239mws934.top afurrytailwedding.com secure-docsx.com # https://infosec.exchange/@jeromesegura/112090382122783994 # Added on: 2024-03-14 aksoaiapk.com trelconf.com avr-energie.com # https://www.malwarebytes.com/blog/threat-intelligence/2024/02/massive-utility-scam-campaign-spreads-via-online-ads # Added on: 2024-03-14 360billingservices.com aadigital.online billmediums.com citrexsolutions.co digitelcare.com directenergyservice.com eco-designs.co eco-designs.store economical-deals.co electricenergybundle.com electricenergyservice.com electricpowerdeal.com energpaybill.com energy.pics energy-billing.online energybilling.net energybillingdepartment.store energybillservice.online energybillsolutions.xyz energybundledeal.com energycredits.online energyexpertservice.com energyhelpcenter.com energypayment.shop energypoweroffer.com gabbar-solutions.online globalenergysolutionz.com globaltechsmc.com homeutilityservices.com makeabillpayment.com paysenergy.online powerelectricoffers.com qasmic.com rebornsolutions.co telecombilling.us telecomcredits.us thepowerpayllc.org uenergyproviders.store utilitybillsolution.site utilitybillspayments.org utilitydiscounts.store utilityservices.us utilitiesbillingservices.com utilitysaving.online # https://securelist.com/coyote-multi-stage-banking-trojan/111846/ # Added on: 2024-03-14 atendesolucao.com servicoasso.com dowfinanceiro.com centralsolucao.com traktinves.com diadaacaodegraca.com segurancasys.com # https://securelist.com/new-macos-backdoor-crypto-stealer/111778/ # Added on: 2024-03-14 imohub.net 22.imohub.workers.dev apple-analyser.com apple-health.org # https://securelist.com/trojan-proxy-for-macos/111325/ # Added on: 2024-03-14 register.akamaized.ca # https://securelist.com/bluenoroff-new-macos-malware/111290/ # Added on: 2024-03-14 on-global.xyz # https://securelist.com/trojanized-text-editor-apps/112167/ # Added on: 2024-03-14 dns.transferusee.com update.transferusee.com vnote.info vnote.fuwenkeji.cn vnotepad.com vnote-1321786806.cos.ap-hongkong.myqcloud.com # https://www.gdatasoftware.com/blog/2024/03/37885-risepro-stealer-campaign-github # Added on: 2024-03-14 digitalxnetwork.com # https://www.trendmicro.com/en_us/research/24/c/cve-2024-21412--darkgate-operators-exploit-microsoft-windows-sma.html # Added on: 2024-03-14 jenb128hiuedfhajduihfa.com bizabiza.mywire.org elshoppingdelalimpieza.com.ar selectwendormo9tres.com Newdomainfortesteenestle.com projetodegente.com higreens.co.in duelmener-naturtrailpark.org asareholdings.com aakritifitness.com streammobs.com wegrowcoaching.com lili19mainmasters.com stachmentsuprimeresult.com strongdomainsercgerhhost.com pjnbadfjandkadm3kd.com # https://blog.sekoia.io/unveiling-the-depths-of-residential-proxies-providers/ # Added on: 2024-03-15 clientsdk.brdtnet.com clientsdk.bright-sdk.com clientsdk.lum-sdk.io clientsdk.luminati-china.io clientsdk.luminati.io clientsdk.luminatinet.com client.earnapp.com client.holavpnextension.com client.holavpn.net client.c6gj-static.net client.zspeed-cdn.com client.su89-cdn.net client.h-vpn.org client.holax.io client.holafreevpn.com client.hola-vpn.com client.shoopit.com client.holavpnworld.com client.holavpnrussia.com client.hola.org client.holabrowser.com client.holavpninstaller.com client.haffnetworkam.com client.haffnetworkmm.com client.yd6n63ptky.com client.holavpnandroid.com 103.chtsite.com api.honeygain.com api.peer2profit.global updates.peer2profit.app api.iproyal.com ipv6-api.iproyal.com api.pawns.app ipv6-api.pawns.app resi-api.pawns.app resi6-api.pawns.app # https://cyberplace.social/@fellows/112100728266790680 # Added on: 2024-03-15 brandequity.economictimes.indiatimes.com # https://blogs.blackberry.com/en/2024/01/mexican-banks-and-cryptocurrency-platforms-targeted-with-allakore-rat # Added on: 2024-03-16 flapawer.com chaucheneguer.com hhplaytom.com zulabra.com uperrunplay.com uplayground.online praminon.com trapajina.com zaguamo.com pemnias.com isepome.com narujiapo.com manguniop.com debirpa.com dulcebuelos.com iomsape.com rudiopw.com ppmunchi.com pelicanomwp.com andripawl.com # https://www.malwarebytes.com/blog/threat-intelligence/2023/11/atomic-stealer-distributed-to-mac-users-via-fake-browser-updates # Added on: 2024-03-16 longlakeweb.com thebestthings1337.online chalomannoakhali.com jaminzaidad.com royaltrustrbc.com wifi-ber.com # https://bird.makeup/users/1zrr4h/statuses/1769360501341851814 # Added on: 2024-03-18 facturasm.cloud adbd.tech satventasfac.tech facturasmex.cloud facturasm.cloud archivosdwn.cloud facturas.co.in ca1.sytes.net ad2.gotdns.ch adbd.tech tths.ddns.net # https://www.netskope.com/jp/blog/from-delivery-to-execution-an-evasive-azorult-campaign-smuggled-through-google-sites # Added on: 2024-03-18 sqjeans.com mayanboats.com # https://masto.deoan.org/@neurovagrant/112116730974649496 # Added on: 2024-03-18 Name.com xn--dscord-wva.com xn--btcon-92ad.com xn--bitcon-77a.com xn--bitcn-gua87a.com xn--bitcn-wsa5b.com xn--btcn-qpac5b.com xn--btcoin-37a.com xn--bitcn-2sa5b.com xn--btcn-qyac1v.com xn--btcn-2qa32ad.com xn--bitcn-fta2c.com xn--ethreum-dya.com xn--th-s7s.com xn--th-dja.com # https://infosec.exchange/@rmceoin/112117659448813499 # Added on: 2024-03-18 trending.99read.net trending.movieanddrama.com # https://infosec.exchange/@jeromesegura/112119402271750249 # Added on: 2024-03-19 disenoymas.com.ar onenote-download.com church-notes.com # https://bird.makeup/users/bushidotoken/statuses/1769753697582551290 # Added on: 2024-03-19 gb-ryzutt.top # https://bird.makeup/users/executemalware/statuses/1768743302512230445 # Added on: 2024-03-19 diveupdown.com # https://www.esentire.com/blog/xred-backdoor-the-hidden-threat-in-trojanized-programs # Added on: 2024-03-19 xred.mooo.com # https://www.crowdstrike.com/blog/latin-america-malware-update/ # Added on: 2024-03-19 documents.drive.dreamixcorporation.com highlineadsl.com cozineros.merseine.com amx55.xyz # https://bird.makeup/users/executemalware/statuses/1768337418069930283 # Added on: 2024-03-19 carolinapharmacy.com aitcaid.com pluralism.themancav.com nknsz.round.fishingreelinvestment.com # https://any.run/malware-trends/asyncrat?utm_source=twitter&utm_medium=post&utm_campaign=columbia&utm_content=linktotracker&utm_term=140324 # Added on: 2024-03-19 5.tcp.eu.ngrok.io luci2023.kozow.com felipegonzalezdomni.con-ip.com code2023.kozow.com 4.tcp.ngrok.io 0.tcp.eu.ngrok.io 4.tcp.eu.ngrok.io nesipraviprob-28040.portmap.host kdfsv.duckdns.org de2.localto.net pepecasas123.net pepecasas123.mywire.org srd.theworkpc.com firstonenow.buyshouses.net 7.tcp.eu.ngrok.io 16.ip.gl.ply.gg show-pda.gl.at.ply.gg r0nj.ooguy.com hassan.webhop.net stores-bidder.gl.at.ply.gg # https://any.run/malware-trends/njrat?utm_source=twitter&utm_medium=post&utm_campaign=columbia&utm_content=linktotracker&utm_term=140324 # Added on: 2024-03-19 5.tcp.eu.ngrok.io 4.tcp.ngrok.io 0.tcp.eu.ngrok.io 4.tcp.eu.ngrok.io junio2023.duckdns.org downloads-invest.gl.at.ply.gg 7.tcp.eu.ngrok.io going-agenda.gl.at.ply.gg 16.ip.gl.ply.gg kexa600200.ddns.net fr3onhoms.ddns.net argentina1100.ddns.net fasterstronger.ddns.net startitit2-23969.portmap.host youknow.duckdns.org hackerguru.ddns.net hackerguru.duckdns.org 18.ip.gl.ply.gg sousou.linkpc.net njtrial.duckdns.org # https://any.run/malware-trends/remcos?utm_source=twitter&utm_medium=post&utm_campaign=columbia&utm_content=linktotracker&utm_term=140324 # Added on: 2024-03-19 code2023.kozow.com marzo18.con-ip.com 5.tcp.eu.ngrok.io theworldofgodispowerinc.duckdns.org enero2024.con-ip.com ergfergnownfiejrf.con-ip.com 4.tcp.ngrok.io windowsserverfebarch.duckdns.org newerra.duckdns.org 4.tcp.eu.ngrok.io sion.con-ip.com febrero27.con-ip.com busbuctomorrrw.ddns.net zubby2468.hopto.org marzo15.con-ip.com patillal1.con-ip.com goodmoneyi.net sdfsdjhswdbjhd.con-ip.com marzo6.con-ip.com marzo5.con-ip.com # https://bird.makeup/users/k3yp0d/statuses/1768103726349213844 # Added on: 2024-03-19 kinneretacil.egnyte.com # https://bird.makeup/users/v3n0mstrike/statuses/1768124516910207482 # Added on: 2024-03-19 municipalidadcolbun.cl # https://www.securonix.com/blog/securonix-threat-research-security-advisory-new-deepgosu-attack-campaign/ # Added on: 2024-03-19 gbionet.com # https://ioc.exchange/@abuse_ch/111988107982872919 # Added on: 2024-03-19 fbi.su1001-2.top # https://infosec.exchange/@rmceoin/112124080069018687 # Added on: 2024-03-19 bellaciaorecipes.site dashingrecipe.site dicerecipes.site easydeliciousrecipe.site forgelyrics.site goodthefood.site joyousrecipe.site offood2.site offoodstuff.site potatoesusrecipe.site qualityinvoicebill.site quickrecipe-idea.site recipedockside.site recipehubzone.site recipejuicy.site rosemaryrecipe.site streetfoodrecipe.site talerecipes.site tastefullrecipe.site tastefullrecipes.site tastefullyrecipes.site theclassyrecipe.site theflavorrecipe.site thenutriesrecipe.site therecipedelishs.site # https://www.trendmicro.com/en_us/research/24/c/earth-krahang.html # Added on: 2024-03-20 www.security-microsoft.net update.centos-yum.com update.microsoft-setting.com update.windows.server-microsoft.com cdn-dev.helpkaspersky.top data-dev.helpkaspersky.top happy.gitweb.cloudns.nz support.helpkaspersky.top gtldgtld.store softupdate.xyz tfirstdaily.store # https://bird.makeup/users/1zrr4h/statuses/1770306554194977113 # Added on: 2024-03-20 google.loader-x.ru test1.loader-x.ru 1q.loader-x.ru jiga.loader-x.ru checker.loader-x.ru ananas.loader-x.ru www.loader-x.ru # https://bird.makeup/users/1zrr4h/statuses/1770131320280142193 # Added on: 2024-03-20 cuenta.lideramoserviciosfinanscleros.com # https://bird.makeup/users/1zrr4h/statuses/1770163448212803953 # Added on: 2024-03-20 zeussiir.info # https://twitter.com/Unit42_Intel/status/1770461681145061378 # Added on: 2024-03-20 escuelademarina.com badbutperfect.com # https://bird.makeup/users/malwrhunterteam/statuses/1769982812852048137 # Added on: 2024-03-20 bitsmap.azurewebsites.net # https://bird.makeup/users/malwrhunterteam/statuses/1769852853097500834 # Added on: 2024-03-20 treszorwallest.azurewebsites.net # https://bird.makeup/users/malwrhunterteam/statuses/1769840338745659896 # Added on: 2024-03-20 www.mingeloem.com # https://asec.ahnlab.com/en/63192/ # Added on: 2024-03-21 privacy.hopto.org privatemake.bounceme.net www.ipservice.kro.kr panda.ourhome.o-r.kr www.mssrv.kro.kr # https://blog.sucuri.net/2024/03/sign1-malware-analysis-campaign-history-indicators-of-compromise.html # Added on: 2024-03-21 js.abc-cdn.online spf.js-min.site cdn.jsdevlvr.info cdn.wt-api.top load.365analytics.xyz stat.counter247.live js.opttracker.online l.js-assets.cloud api.localadswidget.com page.24supportkit.com streaming.jsonmediapacks.com js.schema-forms.org stylesheet.webstaticcdn.com assets.watchasync.com tags.stickloader.info # https://bird.makeup/users/1zrr4h/statuses/1770663798711423250 # Added on: 2024-03-21 claim.xworldsgames.com # https://www.sentinelone.com/labs/acidpour-new-embedded-wiper-variant-of-acidrain-appears-in-ukraine/ # Added on: 2024-03-21 solntsepek.com solntsepek.info solntsepek.org solntsepek.ru # https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta450-uses-embedded-links-pdf-attachments-latest-campaign # Added on: 2024-03-21 ws.onehub.com salary.egnyte.com ln5.sync.com terabox.com # https://infosec.exchange/@rmceoin/112135054524241988 # Added on: 2024-03-21 paas.ofigesba.es olindis.com jzh.1cf8.com # https://unit42.paloaltonetworks.com/curious-serpens-falsefont-backdoor/#post-133071-_re5lfhtpycch # Added on: 2024-03-22 digitalcodecrafters.com # https://blog.talosintelligence.com/tinyturla-full-kill-chain/ # Added on: 2024-03-22 hanagram.jpthefinetreats.com caduff-sa.chjeepcarlease.com buy-new-car.com carleasingguru.com # https://www.malwarebytes.com/blog/threat-intelligence/2024/03/new-go-loader-pushes-rhadamanthys # Added on: 2024-03-22 arnaudpairoto.com puttyconnect.info astrosphere.world zodiacrealm.info # https://www.mandiant.com/resources/blog/apt29-wineloader-german-political-parties # Added on: 2024-03-23 siestakeying.com waterforvoiceless.org # https://bird.makeup/users/cryptolaemus1/statuses/1771266349517443221 # Added on: 2024-03-23 titnovacrion.top grunzalom.fun ganstaeraop.shop niceburlat.me ticava.org xacygo.org web3rse.com marypopkinz.com lufyfeo.org cuxu.org pubonao.org zefos.org # https://bird.makeup/users/__0xyc__/statuses/1770684464470872294 # Added on: 2024-03-23 quranchapter.t-cdn.org # https://bird.makeup/users/malwrhunterteam/statuses/1771507096372076849 # Added on: 2024-03-23 d-marts.shop # https://bird.makeup/users/1zrr4h/statuses/1771912721031663841 # Added on: 2024-03-24 the.earth.li tripadvisor.gift # https://bird.makeup/users/ultrafraud/statuses/1771590513973395666 # Added on: 2024-03-24 download-updata.com s2.download-updata.com # https://infosec.exchange/@threatcat_ch/112156539263059530 # Added on: 2024-03-25 cdn-serveq.net # https://www.rapid7.com/blog/post/2024/03/20/the-updated-apt-playbook-tales-from-the-kimsuky-threat-actor-group/ # Added on: 2024-03-25 00701111.000webhostapp.com 00701111.000webhostapp.com gosiweb.gosiclass.com niscarea.com # https://bird.makeup/users/1zrr4h/statuses/1772509822203637819 # Added on: 2024-03-26 gamemodz.duckdns.org # https://bird.makeup/users/1zrr4h/statuses/1772319233285722412 # Added on: 2024-03-26 www.cl-bancofalabella-app.com www.tarjetacencosud-cl.com # https://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/ # Added on: 2024-03-26 0q5e0.nemen9.com 25rw2.canweal.com 35fu2.ouchar.ru 4343w.jgu0.com 43rw98nop8.m1p8z.com 4m2swl.7e2r.com 5me78.methw.ru 6j312.rchan0.com 77p3e.rimesh3.com 8000n.uqin.ru 8uecv.gnornamb.com 98q5e.ructin.com 9c43r.theq0.com 9oc0y2isa27.demur3.com beacon.diremsto.com bloggcenter.com buneji.fiernmar.com e85t8.nechsha.com ex1uo.rhknt.ru explore.atlester.ru fiq75d.rexj.ru fisaca.trodeckh.com galume.aricente.com gz238.uatimin.com horizon.sologerg.com jp1y36.it2ua.com k348d.venti71.com kjlvo.ningeona.com kjsdflwe.nitertym.ru l846d.ferver8.com libudi.oreversa.com n29k4.ilert.ru n9zph.lw8opi.com o6t94g.3tdx2r.com oo99v.coqqwx.ru p1v12.17nor.com pmd8ot6xhw.3qjpc.com q908q.refec7.com r298y.sem01.com rlpq.tk9u.com roriku.orankfix.com tlger-surveillance.com tnyr.moporins.com wasogo.shantowd.com x12y.restrice.ru xrs.chenebystie.com xva.tjlpkcia.com zaqaxu.dthiterp.ru zekal6.tnjxb.com zemj4f.ymarir.ru # https://infosec.exchange/@rmceoin/112162545425717808 # Added on: 2024-03-26 apijsonparserkit.com # https://bird.makeup/users/cryptolaemus1/statuses/1772757743062913152 # Added on: 2024-03-27 ingatecsus.com.br backupitfirst.com withupdate.com # https://bird.makeup/users/executemalware/statuses/1772662329181614587 # Added on: 2024-03-27 sempersim.su # https://bird.makeup/users/executemalware/statuses/1772737811222819013 # Added on: 2024-03-27 backupitfirst.com # https://blog.morphisec.com/mispadu-infiltration-beyond-latam # Added on: 2024-03-27 160.126.168.184.host.secureserver.net contdskl.bounceme.net betmaniaplus.com arq.carpedum.com mtw.toh.info 1fu11ubut.zapto.org sistecmastegodd.life contdjf.pro # https://labs.k7computing.com/index.php/unknown-ttps-of-remcos-rat/ # Added on: 2024-03-27 lora1.safesopkoco.com lora2.safesopkoco.com safesopkoco.com masterbotsbrothers.xyz mota1.masterbotsbrothers.xyz mota2.masterbotsbrothers.xyz lora1.safesopkoco.co lora2.safesopkoco.co lora2.safesopko.net lora1.safesopko.net # https://infosec.exchange/@malware_traffic/112168244065616424 # Added on: 2024-03-27 treasurybanks.org bologna.sunproject.dev rome.sunproject.dev sweetapp.page gammaproject.dev torontoclub.vip # https://blog.eclecticiq.com/operation-flightnight-indian-government-entities-and-energy-sector-targeted-by-cyber-espionage-campaign # Added on: 2024-03-27 solucionesgeofisicas.slack.com swiftrecruiters.slack.com telcomprodicci.slack.com alfarabischoolgroup.slack.com # https://blog.eclecticiq.com/operation-flightnight-indian-government-entities-and-energy-sector-targeted-by-cyber-espionage-campaign # Added on: 2024-03-27 tucker-group.slack.com # https://bird.makeup/users/v3n0mstrike/statuses/1773092569909453093 # Added on: 2024-03-28 efranfacdigitaanglur.norwayeast.cloudapp.azure.com # https://bird.makeup/users/pollo290987/statuses/1773110284095234083 # Added on: 2024-03-28 ervimefacdigitataltrans.switzerlandnorth.cloudapp.azure.com # https://blogs.jpcert.or.jp/en/2024/02/lazarus_pypi.html # Added on: 2024-03-28 blockchain-newtech.com fasttet.com chaingrown.com # https://explore.avertium.com/resource/phobos-ransomware # Added on: 2024-03-28 adstat477d.xyz demstat577.xyz serverxlogs21.xyz # https://blog.fox-it.com/2024/03/28/android-malware-vultur-expands-its-wingspan/ # Added on: 2024-03-30 safetyfactor.online cloudmiracle.store flandria171.appspot.com newyan-1e09d.appspot.com mcafee.960232.com mcafee.353934.com mcafee.908713.com mcafee.784503.com mcafee.053105.com mcafee.092877.com mcafee.582630.com mcafee.581574.com mcafee.582342.com mcafee.593942.com mcafee.930204.com # https://blog.eclecticiq.com/operation-flightnight-indian-government-entities-and-energy-sector-targeted-by-cyber-espionage-campaign # Added on: 2024-03-30 solucionesgeofisicas.slack.com swiftrecruiters.slack.com telcomprodicci.slack.com alfarabischoolgroup.slack.com tucker-group.slack.com # https://bird.makeup/users/pollo290987/statuses/1773504555763855426 # Added on: 2024-03-30 kwifacdigitntca.switzerlandnorth.cloudapp.azure.com efranfacdigitaanglur.norwayeast.cloudapp.azure.com # https://infosec.exchange/@rmceoin/112196225821543797 # Added on: 2024-04-02 www.makingitorut.com # https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion/ # Added on: 2024-04-02 mrassociattes.com aerilaponawki.com klindriverfor.com alishaskainz.com msc-mvc-updates.com # https://www.rapid7.com/blog/post/2024/03/28/stories-from-the-soc-part-1-idat-loader-to-bruteratel/ # Added on: 2024-04-02 cdn-network-services-001.com updatenazure.com # https://infosec.exchange/@jeromesegura/112203967551428234 # Added on: 2024-04-03 vlc-media-player.com fabulousfontshop.com adsname.com # https://www.proofpoint.com/us/blog/threat-insight/threat-actors-deliver-malware-youtube-video-game-cracks # Added on: 2024-04-03 associationokeo.shop detectordiscusser.shop edurestunningcrackyow.fun lighterepisodeheighte.fun pooreveningfuseor.pw problemregardybuiwo.fun sideindexfollowragelrew.pw technologyenterdo.shop turkeyunlikelyofw.shop # https://bird.makeup/users/karol_paciorek/statuses/1775152923271405876 # Added on: 2024-04-03 freshinxworm.ddns.net # https://infosec.exchange/@jeromesegura/112210203671117157 # Added on: 2024-04-04 puuty.org # https://bird.makeup/users/johnk3r/statuses/1775646168489267515 # Added on: 2024-04-04 josealdogamarralora09.con-ip.com # https://infosec.exchange/@malware_traffic/112213435923848769 # Added on: 2024-04-04 saidecommunity.org # https://www.proofpoint.com/us/blog/threat-insight/latrodectus-spider-bytes-ice # Added on: 2024-04-04 mazdakrichest.com riverhasus.com peermangoz.me aprettopizza.world nimeklroboti.info frotneels.shop hukosafaris.com arsimonopa.com lemonimonakio.com superior-coin.com superior-coin.com fluraresto.me mastralakkot.live postolwepok.tech trasenanoyr.best miistoria.com plwskoret.top sluitionsbad.tech grebiunti.top zumkoshapsret.com jertacco.com scifimond.com aytobusesre.com popfealt.one ginzbargatey.tech minndarespo.icu drifajizo.fun scifimond.com minndarespo.icu sokingscrosshotel.com titnovacrion.top # https://infosec.exchange/@jeromesegura/112214506870744443 # Added on: 2024-04-04 nordivpn.xyz besthord-vpn.com # https://bird.makeup/users/karol_paciorek/statuses/1775843011361935869 # Added on: 2024-04-05 up-games.shop cleartotalfisherwo.shop # https://www.fortinet.com/blog/threat-research/byakugan-malware-behind-a-phishing-attack # Added on: 2024-04-07 blamefade.com.br thinkforce.com.br # https://www.resecurity.com/blog/article/the-new-version-of-jsoutprox-is-attacking-financial-institutions-in-apac-and-mena-via-gitlab-abuse # Added on: 2024-04-07 suedxcapuertggando.ddns.net mdytreudsgurifedei.ddns.net kiftpuseridsfryiri.ddns.net hudukpgdgfytpddswq.ddns.net ykderpgdgopopfuvgt.ddns.net mdytreudsgurifedei.ddns.net mdytreudsgurifedei.ddns.net kiftpuseridsfryiri.ddns.net eopgupgdpopopfuupi.ddns.net ykderpgdgopopfuvgt.ddns.net hudukpgdgfytpddswq.ddns.net # https://cloud.google.com/blog/topics/threat-intelligence/investigating-ivanti-zero-day-exploitation # Added on: 2024-04-07 symantke.com miltonhouse.nl entraide-internationale.fr api.d-n-s.name cpanel.netbar.org clickcom.click clicko.click duorhytm.fun line-api.com areekaweb.com ehangmun.com secure-cama.com # https://infosec.exchange/@jeromesegura/112220432423348296 # Added on: 2024-04-07 thenordvpn.info aftermathdaffodil.online # https://infosec.exchange/@jeromesegura/112221016771258286 # Added on: 2024-04-07 notlion.co reporicue.xyz # https://bird.makeup/users/1zrr4h/statuses/1776349778399420680 # Added on: 2024-04-07 dcnlaleanae8.com dcnlaleanae9.com # https://www.bitdefender.com/blog/labs/ai-meets-next-gen-info-stealers-in-social-media-malvertising-campaigns/ # Added on: 2024-04-09 aimidjourney.agency aimidjourney.org getmidjourney.tech aimidjourney.online midjourneys.world mid-journey.pro deepface.pro ai-midjourneys.org aimidjourneys.com ai-midjourney.pro aimidjourney.tech get-midjourney.site midjourneys.online midjourneys.site ai-midjourney.net midjourneys.co aimidjourneys.org mid-journey.life midjourneys.live midjourneysai.us midjourneys.tech midjourneyais.us mid-journey.tech ai-midjourney.info art-midjourney.art art-midjourney.org ai-midjourneys.com ai-midjourneys.net aimidjourney.space # https://infosec.exchange/@jeromesegura/112237528766247216 # Added on: 2024-04-09 calendar.oandasapp.com apto-apps.com # https://infosec.exchange/@jeromesegura/112238164855540594 # Added on: 2024-04-09 discovus.com # https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins # Added on: 2024-04-09 hjkdnd.duckdns.org mup830634.duckdns.org markjohnhvncpure.duckdns.org homoney177.duckdns.org febvenom8.duckdns.org rachesxwdavid.duckdns.org nanoshd.pro nanoshield.prohxxps kisanbethak.com kisanbethak.com # https://asec.ahnlab.com/en/63980/ # Added on: 2024-04-09 interferencesandyshiw.shop chokepopilarvirusew.shop pillowbrocccolipe.shop communicationgenerwo.shop diskretainvigorousiw.shop affordcharmcropwo.shop dismissalcylinderhostw.shop enthusiasimtitleow.shop worryfillvolcawoi.shop cleartotalfisherwo.shop # https://infosec.exchange/@jeromesegura/112243281951552345 # Added on: 2024-04-09 recovernj.com puttyy.ca mkt.geostrategy-ec.com # https://blog.talosintelligence.com/starry-addax/ # Added on: 2024-04-10 runningapplications-b7dae-default-rtdb.firebaseio.com # https://securityintelligence.com/x-force/hive0051-all-in-triple-threat/ # Added on: 2024-04-10 logitrap.ru kaelos.ru www.windingroad.ru nutaral.ru # https://bird.makeup/users/1zrr4h/statuses/1777789004336800241 # Added on: 2024-04-11 files.offshore.cat # https://www.welivesecurity.com/en/eset-research/exotic-visit-campaign-tracing-footprints-virtual-invaders/ # Added on: 2024-04-12 phpdownload.ngrok.io chitchat.ngrok.io wetalk.ngrok.io 3.tcp.ngrok.io zee.xylonn.com letchitchat.info # https://www.rapid7.com/blog/post/2024/04/10/stories-from-the-soc-part-2-msix-installer-utilizes-telegram-bot-to-execute-idat-loader/ # Added on: 2024-04-12 read-holy-quran.group kalpanastickerbindi.com # https://threatresearch.ext.hp.com/raspberry-robin-now-spreading-through-windows-script-files/ # Added on: 2024-04-12 download.php download.php chroococcoid.sbs polyideism.sbs ophthalmomyositis.sbs quarrelers.sbs counterboring.sbs brittlebush.sbs noematachograph.sbs hemimetabolism.sbs spendthriftiness.sbs misalienate.sbs smartville.sbs refractorily.sbs syllabication.sbs uninsolvent.sbs mammaterijekasumy.sbs dechlorinatingdermatropic.sbs axiologies.sbs okruzihealdsburg.sbs halsalkalindivvies.sbs squeezably.sbs contretemps.sbs indulgement.sbs viandelarkishness.sbs cunyguddlefrodina.sbs audiovisuals.sbs perrputtnomi.sbs azoospermia.sbs metriconetimeagley.sbs dundeelieflydeflect.sbs juniorstwosometogt.sbs nametagsweatseyelike.sbs glubeulaufuggy.sbs bootedpindusvalenba.sbs rockerstalbertcerate.sbs biltongpumpsiecrumrod.sbs jossesdialykreamer.sbs ingressfloor-walker.sbs freamingrafttwoway.sbs craighleserapic.sbs acid-fastlindbom.sbs annuelertimes.sbs kepfoipnjw.sbs semantical.sbs dominieunflaming.sbs urvkwwqhjb.sbs undefinitely.sbs 294unmendaciously.sbs oilproofing.sbs sphere-born.sbs 294anacamptometer.sbs proconsulships.sbs unthematically.sbs hockersmixtecsquier.sbs arctiidkwatumaindwelt.sbs curricular.sbs buxbaumiaceae.sbs subextensibleness.sbs unconstrainedness.sbs anguilliform.sbs 1v.nz 7t.nz 9y.si # https://www.malwarebytes.com/blog/threat-intelligence/2024/04/active-nitrogen-campaign-delivered-via-malicious-ads-for-putty-filezilla # Added on: 2024-04-12 kunalicon.com inzerille.com recovernj.com file-zilla-projectt.org puuty.org pputy.com puttyy.ca amplex-amplification.com newarticles23.com support.hosting-hero.com mkt.geostrategy-ec.com # https://www.trendmicro.com/en_us/research/24/d/earth-hundun-waterbear-deuterbear.html # Added on: 2024-04-13 freeprous.bakhell.com cloudflaread.quadrantbd.com showgyella.quadrantbd.com rscvmogt.taishanlaw.com smartclouds.gelatosg.com suitsvm003.rchitecture.org cloudsrm.gelatosg.com # Added on: 2024-04-13 freeprous.bakhell.com cloudflaread.quadrantbd.com showgyella.quadrantbd.com rscvmogt.taishanlaw.com smartclouds.gelatosg.com suitsvm003.rchitecture.org cloudsrm.gelatosg.com # https://infosec.exchange/@jeromesegura/112260174907264178 # Added on: 2024-04-13 gocdkey.com advanced-ip-scann.org citizens.brainboosterlms.com # https://infosec.exchange/@malware_traffic/112278055287803541 # Added on: 2024-04-16 globalsolutionunlimitedltd.com mebumau.org mmtixmm.org # https://infosec.exchange/@jeromesegura/112278772656000741 # Added on: 2024-04-16 notion.soapp.me jopa.site # https://www.proofpoint.com/us/blog/threat-insight/social-engineering-dmarc-abuse-ta427s-art-information-gathering # Added on: 2024-04-16 stimson.shop stimsonn.org nknevvs.org wilsoncenters.org wilsoncentre.org # https://isc.sans.edu/diary/30848 # Added on: 2024-04-17 firstviewautoservice.com # https://www.threatdown.com/blog/fakebat-campaign-continues-now-also-targeting-vmware-users/ # Added on: 2024-04-18 vmwareai.onelink.me nogyr.net sweryeervx.onelink.me hcointelegraph.com todoist.labsapp.org vmvarehome.com slackappwork.com warebroadcom.com labsapp.org trellmessage.net taxblock.org appcalendle.com derproject.org appbitget.com wardenhome.net whatstationapp.com whatstationapp.net techgplus.com techghub.com onepasswordapp.com appfeatured.com doublerwork.com bit.wardenhome.net notsworks.net yachting-world.org caldenry.com calendar.oandasapp.com oandasapp.com shopehome.com notsworks.com notion.soapp.me asana.currencyapp.net currencyapp.net blen.derproject.org camsaction.com bitbuck.onepasswordapp.com figma.appbitget.com todoist.techghub.com deskhomes.com calend.techgplus.com bigbacket.org trade.doublerwork.com zen.deskhomes.com # https://www.zscaler.com/blogs/security-research/malvertising-campaign-targeting-it-teams-madmxshell # Added on: 2024-04-19 advaanced-ip-scanner.com advaanced-ip-scanner.net advanceb-ip-scanner.com advanceb-lp-scanner.com advanced-ip-saaner.com advanced-ip-scaaner.com advanced-ip-scaer.com advanced-ip-scaer.net advanced-ip-scanel.com advanced-ip-scanel.net advanced-ip-scanerr.com advanced-ip-scanerr.net advanced-ip-scanir.com advanced-ip-scanir.net advanced-ip-scanr.com advanced-ip-scanr.net advanced-ip-scanz.com advanced-ip-scanz.net advanced-lp-saanel.com advanced-lp-saaner.com advanced-lp-scanel.com advanced-lp-scannel.com advansed-ip-scanner.com advansed-ip-scanner.net advvanced-ip-scanner.com advvanced-ip-scanner.net angryipscan.net angryipscaner.com ipscannerprtg.com keystore-explore.com manageeengines.com manageeengines.net managengines.com managengines.net managengins.com managengins.net networkipscan.com networkscanip.com paesslers.com prtgscan.com litterbolo.com # https://securelist.com/dunequixote/112425/ # Added on: 2024-04-19 commonline.space g1sea23g.commonline.space tg1sea23g.commonline.space telemetry.commonline.space e1awq1lp.commonline.space mc.commonline.space userfeedsync.com service.userfeedsync.com telemetry.userfeedsync.com # https://infosec.exchange/@jeromesegura/112294111264356672 # Added on: 2024-04-19 notilon.co sivaspastane.com utm-adrooz.com startupzonechanpatia.com # https://infosec.exchange/@jeromesegura/112299038005179127 # Added on: 2024-04-20 todoist.labsapp.org technogale.com # https://infosec.exchange/@jeromesegura/112315584424279462 # Added on: 2024-04-22 bitbucket.workforteams.net kimworkfiles.com # https://infosec.exchange/@jeromesegura/112317265572355152 # Added on: 2024-04-24 windirctat.net totalhealthforce.new.kleardigital.com # https://infosec.exchange/@malware_traffic/112317734982939385 # Added on: 2024-04-24 www.metalhox.com # https://infosec.exchange/@threatcat_ch/112320381358759326 # Added on: 2024-04-25 ipscanadvsf.com notionso.online # https://infosec.exchange/@rmceoin/112320946540515429 # Added on: 2024-04-26 22aprl.hintguides.com bestnew.hintguides.com latestupdate.hintguides.com # https://infosec.exchange/@jeromesegura/112334488953120910 # Added on: 2024-04-27 notlon.so.appllnk.com doeepcoeed.site # https://infosec.exchange/@jeromesegura/112341270753977981 # Added on: 2024-04-27 anyconnect.digital # https://bird.makeup/users/1zrr4h/statuses/1782643011702210691 # Added on: 2024-04-28 plastchim-t.com # https://bird.makeup/users/karol_paciorek/statuses/1783491982402191790 # Added on: 2024-04-28 gjhfhgdg.insane.wang # https://bird.makeup/users/idclickthat/statuses/1782882684072526280 # Added on: 2024-04-28 r2.ohyoulookstupid.win # https://infosec.exchange/@jeromesegura/112345567222386091 # Added on: 2024-04-28 advanced-ip.org iknowyouwantthis.com # https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days/ # Added on: 2024-04-29 rpgmagglader.com ultrascihictur.com oopscokir.com restohalto.site ewacootili.com magiraptoy.com fraktomaam.com patricammote.com moashraya.com winupdate.us.to # https://news.sophos.com/en-us/2024/04/26/malware-campaign-abuses-legit-defender-binaries/ # Added on: 2024-05-01 azuycomp.com updatebalancer.online businessannually.com buygreenstudio.com devs.ambitenergycorporation.com fluffy-teletype-gw.aws-euc1.cloud-ara.tyk.io realsepnews.com usaglobalnews.com du178mamil.com drifajizo.fun fluraresto.me mastralakkot.live miistoria.com plwskoret.top scifimond.com skinnyjeanso.com stratimasesstr.com titnovacrion.top winarkamaps.com basiconlineincome.com lakeshorehomebuilders.com retdirectyourman.eu supfoundrysettlers.us yourserenahelpcustom.uk topclubfond.com # https://infosec.exchange/@jeromesegura/112357256597231191 # Added on: 2024-05-02 wsj.wf cdn1124.net # https://www.zscaler.com/blogs/security-research/zloader-learns-old-tricks # Added on: 2024-05-02 eingangfurkunden.digital citscale.com adslsdfdsfmo.world gycltda.cl # https://blogs.infoblox.com/threat-intelligence/a-cunning-operator-muddling-meerkat-and-chinas-great-firewall/ # Added on: 2024-05-02 4u.com kb.com oao.com od.com boxi.com zc.com s8.com f4.com b6.com p3z.com ob.com eg.com kok.com gogo.com aoa.com gogo.com zbo6.com id.com mv.com nef.com ntl.com tv.com 7ee.com gb.com tunk.org q29.org # https://infosec.exchange/@th3_protoCOL/112360917153667995 # Added on: 2024-05-03 appauthentiflcator.digital authentlcatcodes.icu # https://pastebin.com/raw/pza2BkRF # Added on: 2024-05-03 getfreeinvstrat.club aulibra.cloud castamasta.cloud canstcktrade.cloud autrade.cloud aufrplatf.cloud plttradecan.cloud sorenomoneno.cloud ketoslimness.cloud canstockplt.cloud ancrisau.cloud tradeplatau.cloud tormornew.cloud coolbody.cloud activeprog1.space invst1.space activeprog3.space lookamazing.space systemlocal.space torgsystem.space inforedan.space projectpro.space ulitas.space traidinfomes.space idealiks.space frodpens.space euinvstrat.space instart.space tx5-new.space onlinecanad.life librahongtrade.life firehongtrade.life maxhongtrade.life oggle.life bestname.life newprostl.life runewzl.life runationsystem.life ipvst-com.life coingo.life neonas.life pikoteriot.life impiterokut.life idealicca.online biolicca.online bionicca.online bioniica.online ullka.online zamka.online laptra.online polkopolata.online poliakosta.online saluta.online nolekqsab.online pernad.online osamd.online maxinproend.online repsend.online lyktescod.online merogod.online platformkod.online bosd.online nixtraae.online lbtrade.online woosdde.online shortinside.online waagge.online urzadzenie.online begmonie.online bastmunie.online profichaine.online city-online.online betterline.online new-maixione.online emptyone.online moneucore.online tsocef.online libraprof.online gofgplaatf.online justoplatf.online limepdftf.online bonifig.online nawloxrig.online mystrblg.online tesling.online zomzing.online texl-prog.online millllon-prog.online balt-prog.online oficbndprog.online bstprg.online sudenh.online thegoodhealth.online plaski.online sustavli.online bodpernti.online gaseyhik.online pashabnk.online jiilok.online bozal.online remesmil.online ctiril.online storkl.online progitl.online pgrmlvl.online botaam.online maskprogram.online newitem.online tpegonbom.online labramtum.online tradestckcan.online stopcrscan.online new-chan.online polkkan.online mxcadn.online prlantlidogen.online prlmaxlidogen.online gmusken.online nitromain.online intermain.online brlwin.online profesptsln.online grantwagon.online frontmon.online can-info.online jukalo.online ixolytinmo.online mixyto.online werfap.online soksop.online eqobifoltop.online bodytop.online tramitxapp.online terpesp.online sheffpresp.online euptrasup.online mentafar.online globprstar.online salasuccer.online quanoffer.online niwqer.online tradmaster.online canpower.online laqwer.online pltfrmr.online maxi-mizator.online traidautor.online prilka-gpr.online cnipr.online linkerr.online promasterr.online ausoiltr.online fondeur.online bodophxr.online sheapas.online masterpr-es.online sylviaes.online ildnes.online bestlines.online rusites.online onlinezuckprogs.online idialiks.online bioliks.online bioniks.online volksmarks.online visols.online buysns.online nretos.online slimstops.online safars.online infornatikolors.online maxizzators.online lokass.online sokkarplat.online tyrusat.online antpoject.online rntirolit.online maskaprojekt.online krorersstorent.online perobifot.online masert.online progstrt.online momento-fast.online sillarecost.online penett.online fazt.online lazt.online complau.online emptymileu.online sustavv.online infplatnew.online flsstornw.online fromsknow.online trdplnow.online pro-trax.online apptrax.online anttrix.online uroptix.online kibbley.online wstesdology.online goodhealthhy.online niwiz.online tasafhxiz.online drosg.one toilop.one levens.one lexityy.one maxfakt0.site b36-land1.site online-like1.site xze1.site online-prog1.site cetan1.site tes1.site prils1.site onlineact1.site newprot1.site activemax1.site b36-land2.site trapc3.site b36-land3.site troi3.site loyalmp3.site b36-land4.site strukts5.site invst5.site libreaa.site libiaa.site hotaba.site regfa.site vilkateka.site maskka.site dietabella.site sheffsistema.site forttuna.site cantradelibra.site onlinelibra.site botlibra.site officiial-tra.site nyttra.site cepura.site zdrowa-dieta.site healthydieta.site pollita.site nextxa.site maxiza.site falza.site offgrab.site formensclub.site kzincprotac.site innowac.site giftec.site potencilic.site totric.site off-finsic.site pr0gmatic.site geolloc.site news-espc.site canmarketc.site dorhtc.site leomad.site witerkolorad.site ofed.site whtbotred.site ontraid.site tredid.site depilid.site topplid.site imperrid.site imptrid.site lontradeworld.site fhantld.site tesslend.site smotrylend.site posmod.site ftrpr0grambrd.site progxbrd.site tryaltrade.site tsltrade.site firecantrade.site paytrade.site shortinside.site coinntrde.site fortee.site blazee.site goodelife.site highhlife.site dreammlife.site healthyslife.site luxurrylife.site finproge.site eupeaple.site b36cname.site blogrime.site bessttime.site velribne.site grownthline.site blogdietaonline.site waonline.site maxionline.site tesslonline.site anprogramonline.site partneronline.site prodietasonline.site chatonline.site vlchatonline.site neochatonline.site cchattonline.site online-one.site theprojectone.site fulldepne.site procytne.site hyppe.site learnmorre.site brightre.site prilltre.site teleconytre.site ecclippse.site wabotse.site londte.site trust-site.site libsite.site projsite.site mksite.site prolte.site uznayemvmeste.site tactive.site vibewawe.site voxipowe.site tolaf.site maxiraf.site maxiprof.site solprof.site goolplaatf.site tr-pltf.site youlibplattf.site hotpr0g.site lareg.site nertblig.site bitnig.site polaroig.site trdng.site sowng.site logixc-prog.site byjrbprog.site redandprog.site xoneprog.site canfireprog.site liveprog.site canmaxiprog.site loyalprog.site systeemprog.site chainprog.site appprog.site kasprog.site tmasprog.site canfxprog.site myprog.site activityprog.site heerg.site sofllprg.site tradiinsg.site librotech.site kzxtech.site kooduusph.site mycaash.site profitcsh.site neomai.site krokodi.site davaydengi.site partshi.site tayki.site pordli.site canibani.site fergulini.site multti.site okkwi.site blog3maxi.site emaxi.site promaxi.site aumaxi.site depsizi.site milproj.site bopproj.site psh-bk.site plneobk.site goodlucck.site diwpek.site fast4ik.site gernik.site ssilpik.site peqwik.site prebamk.site offiibank.site newsiiteok.site newsiteok.site reslimsok.site finansok.site biztok.site margiduk.site zabihuk.site opariluk.site mutlluluk.site tergovuk.site belenyk.site new-max1l.site infbal.site onedeal.site prodietsofficial.site progtemal.site pltel.site new-schl.site evvbil.site fastoiil.site eumaxil.site top-prill.site violl.site treespll.site maxprogramonl.site ficol.site welmcol.site lawashpol.site jupol.site imsol.site blog1pl.site views1pl.site izicpl.site tesllpl.site autsystpl.site top-prl.site linkosl.site pgrmlvl.site new1m.site antpr0gram.site trade-program.site mcsh-program.site cas-program.site live1program.site pro1program.site mobprogram.site anprogram.site binprogram.site tonprogram.site infoprogram.site solarprogram.site starprogram.site bndrprogram.site vertprogram.site kraem.site palkasistem.site redsistem.site franksistem.site inv-system.site oficialsystem.site dieta-slim.site biolslim.site projm.site lenimm.site platformm.site repostikom.site welwelkom.site westmom.site derom.site ginfoorm.site albb4um.site premmium.site maylenium.site new-co1n.site canban.site robacan.site trlibracan.site imptradecan.site tescan.site super-chan.site zohan.site qtredian.site libroman.site dsan.site riossan.site master-cn.site fonden.site etoograblen.site clubformen.site feren.site itprofbin.site kuzskribin.site conbin.site werbin.site omudin.site dnkfin.site canchin.site prtoin.site tesin.site kamiln.site marsann.site powtann.site elespcoinn.site tesl-con.site tasalcon.site teslcon.site newgon.site top-tonachion.site new-tonachion.site cepsreaction.site alekkon.site fur-mon.site traidmon.site pasimon.site t0pmon.site repon.site tetron.site plowson.site nixxon.site indepn.site libraltn.site iklao.site point-appco.site balusdo.site multi-info.site can-info.site pointinfo.site bnkgo.site daergo.site reoacio.site utulo.site stormo.site cetaro.site prognero.site activpl-pro.site proficpro.site borodpro.site dkgt-progpro.site progipro.site maksipro.site makssipro.site programpro.site onlinespro.site wellspro.site chatspro.site progitpro.site chxpro.site czpro.site webelctro.site livesketo.site inseto.site okhtyrkapiwo.site olasep.site masterhp.site canpartnership.site canparrtnership.site invbalp.site bamp.site minrop.site ikasop.site milentop.site new-gcontop.site cplstop.site activtop.site bestripp.site medicesp.site blog-cmesp.site sheffmasteresp.site vip-krisp.site che1ngroup.site onlysup.site asdadq.site hieq.site insannlar.site bhquar.site depanticr.site sitebndr.site klober.site libander.site canoffer.site tonmanager.site maximer.site shippartner.site eupartner.site bloper.site liprogramser.site slowater.site kzcnainter.site bloagster.site froster.site changebetter.site pruyter.site leplaatfr.site fexir.site konkdor.site wertykolor.site miinor.site leadpor.site cash-generator.site milionizator.site frankprogpr.site minarr.site greerr.site linkerr.site welcme-proftr.site lacktr.site teconkilotr.site olafedur.site jasewr.site teleportertyr.site polgas.site xtlas.site tralmas.site instaleads.site sheeds.site rea1trades.site vishes.site feles.site earningsrules.site sportstyles.site exetemes.site cnaines.site ketoslimnes.site oilgoes.site liberes.site blogdemujeres.site meltabetates.site kzproftes.site vipsites.site rusites.site newsites.site balltes.site plprogpltes.site programtes.site offinfs.site winprogs.site bestprogs.site loaks.site infoprogremitiks.site kztels.site tdoms.site sitevms.site progfins.site bigmons.site infocos.site pkowolkos.site prommos.site partnerrships.site waapps.site koduspps.site lproglibrs.site kolibers.site mooketers.site auzers.site projectrs.site socpass.site infoleadss.site secretsoffsuccess.site suuccess.site oursuuccess.site sidess.site ashess.site dishess.site newlivess.site blogss.site programss.site sanss.site universaldiets.site gelts.site top-xlts.site chatsbots.site europparts.site bashus.site newwithus.site program-plus.site elitestatus.site vip-servs.site stecowkows.site coolbodys.site new1t.site programchat.site imriolat.site beparat.site bepparat.site prof-stat.site constat.site maximuzat.site plprogram-act.site kzreact.site tsl-project.site t0project.site m1project.site t1project.site oficproject.site skulproject.site limproject.site eurproject.site newwproject.site bigget.site bestofthediet.site vizlet.site swif2ft.site teslprofit.site pro-activprofit.site geniit.site mon-crit.site softit.site itprojekt.site nev1evesplt.site appco-point.site stopetcart.site flplstart.site vip-lirt.site redusfort.site gem-fast.site wlossfast.site viast.site teleslast.site new-1nvest.site total1nvest.site bot-invest.site justcoost.site mic-invst.site live-syst.site infosyst.site parapett.site conektt.site zartt.site lvdepsystt.site denngitut.site kowt.site polkopolyt.site otkroyempravdu.site foneu.site masteu.site artaav.site profit-activ.site spactiv.site biorecinofficialv.site alvargarsalv.site prosinv.site aporuv.site faaraw.site teraw.site tr-new.site coplnew.site infoplnew.site projektnew.site pointnew.site newcrew.site winciw.site informationokiw.site rigklutnw.site ponyw.site maddax.site eliax.site programsmax.site kasenax.site nowax.site santrapeex.site newstradefx.site canpeoplefx.site cosmix.site newplx.site dinox.site lonwysox.site xattorx.site top-strx.site telmasx.site cantesx.site eu-progectx.site apppltx.site antyux.site mixx-today.site goodebody.site bigmney.site midibfy.site reachyrigy.site upducibly.site trd-story.site apprety.site lussty.site zestty.site probeautty.site electaxy.site quazkz.site bomz.site kzbakkumz.site smoz.site anticrysz.site gooddidea.live euglob.live peopleschoice.live monaccode.live socseskode.live open-sooursee.live goodforlife.live kredomoe.live choicetrue.live kzqaztrue.live pols-proof.live prxof.live revertag.live amalg.live cvesting.live elfi1prog.live fastiprog.live voltertug.live cztessl.live loyal-program.live sitiizens-program.live unic-com.live aptin.live robinsson.live berlpro.live underpar.live woltar.live ultraner.live plugvolter.live mongtor.live tipoches.live tes-progs.live evaprins.live truesolutions.live trendikus.live lifeet.live compirant.live maxsifot.live lovost.live successtyt.live passiv.live polex.live texlox.live checkty.live ofishlprog1.click ofishlprog2.click ofishlprog3.click itpolska.click trapetka.click depforma.click ketodietta.click lib2lib.click inventnamb.click urnlogic.click zaned.click tsxpro-progvid.click mt-world.click new-fnd.click alimentazione.click avifer-generate.click revterbaf.click sadfsfdfg.click chreactt-prog.click autoprog.click wlossprog.click projectprog.click lixprog.click interfoxprog.click mindprrg.click tes1aprodj.click maskproj.click dazll.click arteesl.click nbk-proprogram.click tentaklsistem.click sksliim.click goodpltrmm.click cash-platform.click lintctan.click gfinn.click strengthon.click ketorun.click everadpro.click swiftpro.click pro-dep.click iomperrcomp.click bangop.click new-firtop.click neutop.click finstar.click piconliner.click euser.click armaaxmr.click tradis.click tw-chat.click jerat.click maxiprofit.click today-blt.click biosyst.click ts-inv.click vip-serv.click ketosnew.click xtnew.click tx1tx.click prostx.click gowey.click fallz.click vallz.click balzz.click w1pl.link trdnewstory.link kaazma.com aximpoilc.com glowtrad.com revoprogramxzsed.com inccomme.com euterne.com bigmprog.com weallthh.com dncgonal.com prstlkonl.com strprogram.com japifireo.com gelopro.com welerpro.com btsitepq.com myoilcamps.com trylogfst.com luxxeeu.com tslopleu.com carvenergy.com korec.info lifepoppeople.info zonete.info gentaxe.info worldkolf.info tradefxok.info fxworldkol.info amaxonn.info cidreo.info maxtradefx.info chartix.info proone1.top tess1.top profitactiv1.top vazba.top fusda.top fovda.top chaintrainfa.top goprogramia.top daska.top maseczka.top teslala.top fortunella.top nikkola.top depforma.top mirana.top codesucmona.top zpetna.top tomara.top trdelibra.top bicopytra.top paesa.top wimsa.top mmtsa.top millyta.top wekza.top rikza.top malza.top folza.top vamza.top windscb.top lideb.top crumb.top socazrb.top milionaironliclub.top toplayb.top vikec.top hstlibrec.top fisec.top mastercasc.top fltrad.top programmtrad.top zatrradd.top onetraddd.top condd.top eumashd.top successfulbid.top kapiteid.top getid.top plozwid.top tradelifeworld.top prowrld.top inpoland.top yourfond.top onecgood.top wellnessgood.top moneycard.top straightforward.top logterd.top prossaud.top heavycloud.top zenvibe.top yourchance.top newchhance.top inntelligence.top profinnce.top skybounce.top rade.top oiltrrade.top metatrade.top peoplexftrade.top cushtrade.top portrade.top mttrade.top plsttrade.top mxttrade.top fxxmaxtrade.top cadtrde.top progtrde.top highestdegree.top pltradelife.top worldfxlife.top waagge.top koroje.top pickke.top prowile.top daple.top propeople.top toppeople.top euforpeople.top echople.top cashrule.top baane.top trprogonline.top topsonline.top grtonline.top ttssonine.top trdeone.top startone.top lamatore.top desirre.top maltre.top prilsauntre.top littre.top inncrease.top fidse.top prorationbestchoise.top tr-s1te.top rblogmate.top lststate.top promosite.top kodysite.top profactive.top troove.top mimprove.top nimprove.top ximprrove.top pensewe.top bostref.top txdasef.top botsaoff.top libcanprof.top justofhlatf.top openbjlplatf.top coolplattf.top newplattf.top lifepeoplexf.top hotpr0g.top botasyag.top program-reg.top likeprogg.top depprogg.top trednig.top amalg.top inveslong.top fortunellablog.top probioblog.top bioproblog.top kod-prog.top chreactt-prog.top tex-prog.top onlineprog.top ofishlprog.top ketoprog.top itcapprog.top activitpprog.top txresprog.top redusprog.top milloprg.top bloxg.top liopah.top masterch.top formhh.top master-cash.top marcukesh.top ketowesh.top letecush.top opensrc-ai.top tslprofai.top quanttumai.top foueusai.top appchi.top papiashvili.top faceemi.top maxmmi.top chainmi.top xinumi.top canicini.top canichini.top canini.top wicri.top nasteri.top fonudsi.top maskaprojertsi.top wskyrti.top polskiwiadamosti.top ai-trdj.top netaproj.top tslproj.top masterproj.top maxproj.top pashabk.top runik.top joluvik.top denkk.top pasnk.top inwok.top platdark.top botastrk.top aselsanask.top intesk.top artificcial.top progofficial.top reductiondual.top tutorel.top sebil.top canadaoil.top cangoil.top misteril.top dikl.top maxuikl.top liwall.top winterwall.top diaskill.top spoll.top beconl.top seqirnl.top makedol.top prodepl.top freepl.top maxpeoplepl.top propl.top siteregitsl.top xpowwerful.top sibemitul.top tistul.top unodream.top tesla-program.top waonlineprogram.top imperiallprogram.top chatprogram.top newprogram.top mwrldm.top cansystem.top offic-progm.top tradslim.top progslim.top delislim.top blogproslim.top botasyatirim.top bitwlkm.top beautyslimm.top qwantumm.top ltdroom.top partom.top platfohrm.top millioninform.top portoform.top new-platform.top forrum.top aiqquantum.top quanntum.top partnercan.top impercan.top euteschan.top chimman.top manasan.top retan.top gmasken.top milen.top diabetesen.top tadin.top moteldin.top eudonein.top canssin.top aptin.top wertin.top lascon.top byseniscon.top selreon.top newsiteon.top perfon.top bioproblogon.top traddion.top onlyblogofration.top onlineproration.top unomotivation.top reacttion.top finaskon.top projectxilon.top tesrlon.top top-mon.top eudkmon.top xaron.top primeson.top robinsson.top gituson.top harrsun.top secretldwn.top suftryn.top bizirefo.top pr-info.top bizinnfo.top progadebio.top infosio.top worldinfo-lo.top onlinedelo.top krito-pro.top tesxlapro.top reducepro.top newlvlpro.top progrpro.top librspro.top progictpro.top ainewpro.top msnewpro.top eumaxtro.top aiutomomento.top bakv1p.top levenap.top olsap.top activdep.top eu-partnership.top canpartship.top canprtship.top maxlip.top prog-jp.top txdop.top program-top.top beautifultop.top dreamtop.top blogprotop.top fininvtop.top partnershipp.top backdropp.top wispp.top newspp.top generalsup.top loktyp.top retemar.top newaistar.top turgoder.top info-manager.top chat-manager.top monmaker.top canpartner.top newmiter.top alinter.top limster.top canadapower.top redusizer.top chanr.top pomodor.top sheelpor.top max-i-mizator.top hivor.top formpr.top imperr.top appsterr.top progrr.top bottastr.top maxiaztr.top tubur.top ivelexr.top ibelxr.top oliaas.top kolas.top turkbotas.top trbotas.top gasbotas.top kolotas.top sunkids.top inluds.top autotrdes.top wlslimmes.top goodtimmes.top careonlines.top tesxappes.top topscares.top profinves.top plattesxes.top truproggs.top new-progs.top masslis.top vipstaris.top gexis.top ullaks.top xmdtmonaks.top asals.top tradfls.top lenfls.top em-tsls.top sweetdreeams.top followdreams.top ixims.top bitproms.top vertysbos.top folos.top teslos.top azantros.top ventos.top snnaps.top newsteps.top euships.top sacors.top pomochaleness.top jedenhaleness.top actyprogss.top fresh-newss.top innplats.top onlineregts.top parments.top mlnstarts.top programtts.top foryts.top billiplus.top spaactivs.top new-servs.top brokaws.top aboutnews.top energyxs.top bioloplys.top trdechat.top certykat.top dddplat.top mekplat.top prof-stat.top xiproject.top fisct.top strodt.top topsprodiet.top trueplanet.top kormenet.top b1n-set.top storyset.top maxprogt.top mllight.top pro-fit.top beneffit.top prooffit.top tesslcanfit.top systprogit.top progofficialit.top budswit.top metikt.top lintant.top unmoment.top ratont.top tesla-bot.top proqt.top ruregfast.top progrbest.top lifest.top aselvest.top botasvest.top petvest.top innwest.top prog-offliist.top metxst.top domstatt.top blastt.top boostt.top res1te-eu.top pushi-eu.top halpp-eu.top weocashouteu.top xeocashouteu.top zeocashouteu.top doitforyou.top specialforryou.top scoopu.top neuru.top wscesu.top covcv.top pesiv.top botturkinv.top siteapprv.top formew.top mtanew.top finew.top proslow.top tldnow.top sociagrow.top polstow.top noppyw.top tesla-x.top tradx.top trdex.top pilex.top ezonex.top versex.top worldpeoplefx.top storiyoufx.top pro-tsgix.top ai-chtix.top wartix.top nowyplx.top teslx.top stormx.top lymox.top trawinox.top lorwynx-stox.top nartoappx.top nowstarx.top korrx.top newtesx.top tradstatsx.top tradday.top mixn-today.top opennewday.top marzijay.top cosay.top devbby.top topbody.top newstriy.top headmny.top bigmny.top linqy.top histtory.top newstry.top soeassy.top checkty.top eutrty.top redusbeauty.top dilaz.top nalez.top valuez.top maxmaximiz.top lookamazing.sbs dietsystem.sbs goodhealthyforever.sbs sustavv.sbs sustavy.sbs tes-pl1.xyz testdom1.xyz program-pro1.xyz progpro1.xyz neuro1.xyz stor1.xyz trddoms1.xyz project-act1.xyz oneprofit1.xyz tex1.xyz maxxz1.xyz automaticprog2.xyz caoip7.xyz buddaa.xyz fozaa.xyz cndda.xyz tineda.xyz buuda.xyz officialketomatcha.xyz proketomatcha.xyz koduspeha.xyz zlpolska.xyz gabela.xyz valhaalla.xyz polkilopola.xyz chaimpa.xyz parliam-tara.xyz canlibra.xyz eubicopytra.xyz canbitcopytra.xyz trdsa.xyz planticrysa.xyz pro-dieta.xyz lenderdieta.xyz ferreta.xyz trdevista.xyz programweb.xyz mtalib.xyz trastlib.xyz investingssforhub.xyz distrac.xyz blueriec.xyz baltez-offic.xyz imedespofic.xyz projbaltic.xyz wellskc.xyz my-programsinc.xyz imtrad.xyz platformtrad.xyz akturtrad.xyz mettrad.xyz moreadd.xyz grandd.xyz plsk-traydd.xyz olled.xyz lopered.xyz livered.xyz lontred.xyz carted.xyz cotrid.xyz metwrld.xyz topgrand.xyz quantiend.xyz pasywnydchod.xyz sitrfood.xyz technotrd.xyz newtrd.xyz crossd.xyz maximizator-programplltd.xyz sellfud.xyz canfinance.xyz mtatarade.xyz mtattarade.xyz canplatrade.xyz rbtrade.xyz librasingtrade.xyz firesingtrade.xyz maxsingtrade.xyz ditrade.xyz impertrade.xyz testrade.xyz inetvrade.xyz xtradde.xyz hustleside.xyz prof-trde.xyz xproregtrde.xyz pitrde.xyz shortrde.xyz jortrde.xyz platformtde.xyz lnlee.xyz financeliffe.xyz stablelife.xyz winniglife.xyz greennlife.xyz libracache.xyz prlanticjutie.xyz tdp-like.xyz canoilpeople.xyz successfulpeople.xyz imoilcanpeople.xyz cannationpeople.xyz currpeople.xyz polime.xyz finencetime.xyz canfintime.xyz inncome.xyz reduslim-online.xyz mt-online.xyz programwatonline.xyz gocoine.xyz aulinne.xyz online-one.xyz slim-one.xyz redu-one.xyz quaptoone.xyz clypokloroe.xyz maxi-europe.xyz tlswinrare.xyz slase.xyz trde-pulse.xyz bittwhite.xyz we11site.xyz prommosite.xyz bestssite.xyz keto-matchablue.xyz benz-active.xyz nattive.xyz troove.xyz ximprrove.xyz tesxprogoff.xyz rooff.xyz wellingproff.xyz besstoff.xyz orggf.xyz masttrainf.xyz czopenprof.xyz ltdsof.xyz interasf.xyz limeplatf.xyz canlinkplatf.xyz goplatf.xyz cangeniusplatf.xyz partner-reg.xyz malangg.xyz activprogg.xyz dehhg.xyz rinbang.xyz nadodng.xyz progforwellbeing.xyz maxxing.xyz dreadlong.xyz maxi9blog.xyz prodietablog.xyz fortusblog.xyz canlink-prog.xyz top-prog.xyz maxises-prog.xyz balticprog.xyz choiseprog.xyz chaiprog.xyz maxiprog.xyz millprog.xyz tslprog.xyz infoprog.xyz dekloprog.xyz libsprog.xyz eastruprog.xyz tslaxprog.xyz testorovich.xyz nakeddtruth.xyz tr-offici.xyz prof-proffi.xyz suppii.xyz otbasi.xyz ttt-jj.xyz tsproj.xyz cukerzak.xyz poolblack.xyz savek.xyz sattilik.xyz polteromik.xyz tugrik.xyz jpbbnk.xyz fanddok.xyz maxximikitbook.xyz favoritelook.xyz historiawook.xyz formsok.xyz bukovynska-work.xyz progslimsk.xyz progrmsk.xyz projemusk.xyz longstk.xyz productreal.xyz bionicaofficial.xyz reduslimofficial.xyz ketonofficial.xyz reduslimoofficial.xyz blogdemujeresofficial.xyz mujeresblogsofficial.xyz wlossofficial.xyz melaofisial.xyz unlim-pal.xyz postral.xyz sanital.xyz job-bfl.xyz pllzprg-ll.xyz amarell.xyz pixosell.xyz telichkakol.xyz newpol.xyz rexol.xyz ico-pl.xyz icoi-app-pl.xyz co-app-pl.xyz tsx-pl.xyz ww0pl.xyz blog4pl.xyz autotrdpl.xyz insidepl.xyz infobadaniepl.xyz pixipl.xyz programpl.xyz maxlinpl.xyz monpl.xyz swippl.xyz activpl.xyz prlmaxpl.xyz neokarl.xyz mxmztrl.xyz plsk-tesl.xyz tessl.xyz powwerful.xyz tx0wl.xyz dastyl.xyz mgprogh-m.xyz mc-program.xyz bandaprogram.xyz antbprogram.xyz maxiprogram.xyz maxxiprogram.xyz globalprogram.xyz millenprogram.xyz proprogram.xyz topprogram.xyz my-chatprogram.xyz kannetprogram.xyz witprogram.xyz mtprogram.xyz sistprogram.xyz korgram.xyz collecm.xyz dietsystem.xyz onlservplgm.xyz maskts-unlim.xyz fit-and-slim.xyz redu-slim.xyz progslim.xyz topslim.xyz wlosslim.xyz ketttslim.xyz blogreduslim.xyz oficialreduslim.xyz proreduslim.xyz poptim.xyz progh-mm.xyz ketoslimm.xyz ledskom.xyz saotom.xyz trynowjpm.xyz czproggrm.xyz tongrm.xyz beta-platform.xyz bt-platform.xyz max-platform.xyz trdplatform.xyz trdingplatform.xyz newplatform.xyz jpprm.xyz millum.xyz cansym.xyz imo-can.xyz anticrispeoplecan.xyz aladdaican.xyz chaincan.xyz powercan.xyz tradeforcan.xyz stopcrscan.xyz ctatcan.xyz jpmrgan.xyz esbopehan.xyz bigsmoneykan.xyz multimman.xyz infalytan.xyz infallytan.xyz liposgreen.xyz lisogen.xyz agldcoyen.xyz reactichain.xyz pzudomain.xyz newtrdin.xyz recoiin.xyz whatpoliklin.xyz thullin.xyz weslin.xyz antsomin.xyz formann.xyz lainn.xyz goldfinn.xyz targonn.xyz nessicon.xyz biddon.xyz fedion.xyz kulion.xyz qwepion.xyz kloperion.xyz reactionon.xyz nanyxson.xyz grmton.xyz baletton.xyz mertton.xyz btktrdtn.xyz czprogtn.xyz blogoffrotun.xyz tslco.xyz newappco.xyz euclasco.xyz platform-info.xyz nutr-info.xyz newstrdinfo.xyz reduslinfo.xyz bizinnfo.xyz seikko.xyz eu2delo.xyz ndelo.xyz candelo.xyz cifleno.xyz okkno.xyz mbloginfoo.xyz gortempo.xyz precaro.xyz whac-pro.xyz maxi-pro.xyz ofisls-pro.xyz emus-pro.xyz tslapro.xyz esp-quapro.xyz klaccpro.xyz shepro.xyz peoplepro.xyz dekpro.xyz valompro.xyz binnpro.xyz reactionpro.xyz proyectopro.xyz hittpro.xyz caelectro.xyz canelectro.xyz pensso.xyz redusketo.xyz shiggoto.xyz redberto.xyz prlmaximiziksto.xyz newsinvo.xyz maxinvo.xyz maswwo.xyz anticrsss1-ep.xyz anticrsss-ep.xyz polskadep.xyz prodep.xyz eurship.xyz t1plp.xyz appofficialcomp.xyz miliomp.xyz koliretiop.xyz coivalop.xyz imlop.xyz openaieurop.xyz chain-top.xyz objectop.xyz ltd-programtop.xyz bmoneytop.xyz icoi-app.xyz ico-app.xyz cnaapp.xyz nuskteslapp.xyz mstrapp.xyz opensourapp.xyz newgroupp.xyz teslcorp.xyz sist-eurp.xyz rpss-esp.xyz quntumumesp.xyz metesp.xyz tes1-ssp.xyz wwlosstp.xyz tes-group.xyz kormaxigroup.xyz teswp.xyz nontrzp.xyz polkatrikolorkaq.xyz briskeq.xyz inffoq.xyz netxqq.xyz executq.xyz kappibar.xyz cascar.xyz finansalolanaklar.xyz pasvar.xyz czrlibr.xyz ecspaer.xyz delo-manager.xyz libproger.xyz nfturecher.xyz jpbanker.xyz masler.xyz roommer.xyz ponner.xyz checkerer.xyz myblogsser.xyz impeloter.xyz canmaster.xyz nowmaster.xyz siteregister.xyz globalregister.xyz regiister.xyz widomkoster.xyz frxpower.xyz euprogr.xyz chtmskhr.xyz softfor.xyz mainprogsgor.xyz telomikor.xyz unlim-maximizator.xyz mxzator.xyz ekonomiksektor.xyz myblostor.xyz quiverr.xyz numrr.xyz maxzrrr.xyz nytrr.xyz imo-tr.xyz chaneregstr.xyz lbraregistr.xyz gaztr.xyz programeur.xyz gofrwr.xyz coin-bas.xyz vifas.xyz dashas.xyz fashas.xyz newporas.xyz trdsas.xyz wertas.xyz rockstas.xyz investingssforlabs.xyz fabbs.xyz hoccs.xyz gnltcs.xyz madds.xyz granlids.xyz whatslids.xyz filds.xyz losswlds.xyz molods.xyz lidzavods.xyz ttrds.xyz progofficial-es.xyz sites1es.xyz comtrades.xyz cantrades.xyz comproges.xyz psesp-hes.xyz tslpeoples.xyz tpeoples.xyz programes.xyz rslimes.xyz platformes.xyz chatonlines.xyz bitupes.xyz blogparamujeres.xyz czproftes.xyz new-sites.xyz neggs.xyz slimblogs.xyz maxiprogs.xyz goprogs.xyz donsrprogs.xyz euparths.xyz lbis.xyz offacis.xyz proggis.xyz canpeopleanticris.xyz cananticris.xyz antcris.xyz traikormaks.xyz lidoks.xyz doubls.xyz infopls.xyz now-programs.xyz onlineprograms.xyz whiteprograms.xyz sheiiprograms.xyz onprograms.xyz librprograms.xyz prossystems.xyz aziims.xyz pprogramms.xyz gimms.xyz programmms.xyz trddomms.xyz trddoomms.xyz trrrddoms.xyz trrddoms.xyz trddoms.xyz trdsdoms.xyz trdssdoms.xyz trddooms.xyz newprogrms.xyz dasms.xyz ggcoins.xyz modeons.xyz grm-tons.xyz westterns.xyz infocos.xyz appcos.xyz newstrdinfos.xyz newtrdinfos.xyz newssinfos.xyz reduslios.xyz newinos.xyz eurpos.xyz activepros.xyz tpros.xyz nprogreps.xyz balps.xyz hrapsmps.xyz slimtops.xyz auops.xyz traigroups.xyz canpeopleacrs.xyz pro-masters.xyz gokass.xyz bottass.xyz choosingsuccess.xyz rslimess.xyz momess.xyz autess.xyz bolss.xyz prosystemss.xyz bloginss.xyz plnd-lotoss.xyz onlinerss.xyz neweurss.xyz infosnewss.xyz sirtdiets.xyz toprets.xyz profts.xyz trbests.xyz wlossts.xyz kddus.xyz official-redus.xyz ketoredus.xyz infobadanieeus.xyz prommus.xyz maxymus.xyz primanews.xyz meetonews.xyz coxxs.xyz onlydays.xyz zoologys.xyz ketoplys.xyz kiitoplys.xyz bioliusplys.xyz trdnewstorys.xyz remorsogat.xyz remorrsogat.xyz test-chat.xyz traddchat.xyz plchat.xyz tslchat.xyz canplat.xyz coinplat.xyz plstronat.xyz theinvestingstrat.xyz useinvestingstrat.xyz meetinvestingstrat.xyz getinvestingstrat.xyz constat.xyz champwat.xyz x-act.xyz progreact.xyz ton-project.xyz eurproject.xyz intproject.xyz oficproyect.xyz ronbnget.xyz maximiappmarket.xyz imloperet.xyz plstopiloret.xyz profiactivet.xyz wirtxet.xyz theprojectnft.xyz luisoft.xyz elektrosoft.xyz progofficial-it.xyz revolesbit.xyz slim-fit.xyz careprofit.xyz topprogit.xyz newsystemit.xyz prodsit.xyz sustavlt.xyz secretcount.xyz itunt.xyz mttabot.xyz openmbot.xyz chattbot.xyz taptixot.xyz nwsprspt.xyz g0smart.xyz ptp-ert.xyz opport.xyz facst.xyz progsist.xyz tochnost.xyz winesst.xyz smartst.xyz cchatt.xyz newprojectt.xyz webmarkett.xyz trentt.xyz mastt.xyz fostt.xyz avtprogsystt.xyz viztt.xyz pokut.xyz treatyt.xyz ico-eu.xyz icoi-app-eu.xyz ico-app-eu.xyz ico-apps-eu.xyz infoeu.xyz niacashouteu.xyz ceocashouteu.xyz teocashouteu.xyz escashouteu.xyz crptgenu.xyz maxwithyou.xyz upptoyou.xyz blogforyou.xyz myliveuu.xyz lukzev.xyz sustavlv.xyz oracleinv.xyz cananticrisgov.xyz plprogram-new.xyz grm-new.xyz robtopew.xyz prog-x.xyz nprogmax.xyz pronax.xyz tes-index.xyz fin-flex.xyz tradlix.xyz xdelx.xyz teslx.xyz prl-tlx.xyz tandox.xyz lontox.xyz lorwynx-stox.xyz wodrx.xyz gaffilerx.xyz gaffilerrx.xyz smrtx.xyz maxlux.xyz ammxx.xyz getfreeinvstrategy.xyz recursenergy.xyz imoilcompany.xyz canoilcompany.xyz bigmny.xyz ausmony.xyz onlymony.xyz plfcaty.xyz lipstxkkoty.xyz lipstxkoty.xyz delibeauty.xyz desevy.xyz lavezy.xyz activ-chz.xyz mastercathz.xyz maaximiz.xyz acriz.xyz tasamaxiz.xyz maxuziz.xyz digtalz.xyz aximz.xyz maxmz.xyz pllprogramzmz.xyz plprogramzmz.xyz promasterrz.xyz tsqwz.xyz tp2-axz.xyz # https://infosec.exchange/@jeromesegura/112367128581652654 # Added on: 2024-05-04 rougewaterfront.com incredibleextedwj.shop productivelookewr.shop tolerateilusidjukl.shop shatterbreathepsw.shop shortsvelventysjo.shop alcojoldwograpciw.shop liabilitynighstjsko.shop demonstationfukewko.shop # https://infosec.exchange/@rmceoin/112367634763476407 # Added on: 2024-05-04 99read.net hintguides.com movieanddrama.com myfastupdate.com 29apr.99read.net 4dec1.myfastupdate.com # https://www.sentinelone.com/blog/macos-adload-prolific-adware-pivots-just-days-after-apples-xprotect-clampdown/ # Added on: 2024-05-04 api.availablemac.com api.buffermanager.com api.deployquest.com api.generalmodules.com api.inetprogress.com api.launchelemnt.com api.lookwebresults.com api.navigationbuffer.com api.operativeeng.com api.searchwebmesh.com api.validexplorer.com # https://twitter.com/Unit42_Intel/status/1785739970600116515 # Added on: 2024-05-04 air-frog33.pw analytics-fonts.com api1-jquery.com app-cloudflare.com apple.com-ticket.info assetsclick.com bbcheck.de bg2nz.com bootstrapcdn.site byvlsa.com caraguafm.com.br cdn-bootstrapcdn.com cdn-dataservice.com cdn-getnet.digital cdn-google-tag.info cdn-report.com cdn27-bigcommerce.com cdn32-bigcommerce.com cdn41-bigcommerce.com cdn5-cloudflare.com cdn6-cloudflare.com cdn.nigntboxcdn.com cdn.stripe.ngrok.io cdn.v2board-cdn.tech cdnanalytics.info cdnreport.net chatssl.com chatwareopenalgroup.net checkdata.info clockrepairs.us cloudflary.xyz colorfultextile.jp com-checking-valid.com com-coincover.com controls.wpenginepowered.com cssjs.co cssjs.lt cursosunipro.com.br data1-jquery.com datacheckcdn.com elleciastro.com establish-coinbase.com estylecdn.co fellsogood43.pw fender-analytics.com filebunker.ru fonts-analytics.com fraudscorechecker.com frigomobil.ro gioogle.com google-site-verification.com host-file-host6.com is-cloudbase.com is-cloudbase.net is-cloudbase.org j2.is jasmineaddis.com jquerycdnbucket.com jqueryfact.com jquerylib-min.net js-cloudbase.com js-cloudserver.com js1-cloudflare.com js10-cloudflare.com js11-cloudflare.com js12-bigcommerce.com js2-cloudflare.com js3-cloudflare.com js4-cloudflare.com js5-cloudflare.com js7-cloudflare.com js8-cloudflare.com jscss.co jshost.org jsmin.co jspri.co karte.mycompany.lv klinto2u.info labrasaburger.com.br magentoposs.com meryemceehome.com nodejscript.net pattys.it payslibrarys.online peopleschoice-portal.com prconsultorexecutivo.com.br privacy-tools-for-you-453.com reserveconfirm.com sbbancadas.com.br script-hotjar.com scriptb.com server-css.com server612-bigcommerce.com side-guard.com soacabamentos.com ssl-google-analytics.com statefiarm.com static1-jquery.com static2-jquery.com static3-jquery.com static4-jquery.com static5-jquery.com staticlitycis.com sunny.pet traffic-check.com tudoartedigital.com.br websiteanalytics.top woocommerce.im woocomnnerce.com server612-bigcommerce.com # https://bird.makeup/users/crep1x/statuses/1785766443226640666 # Added on: 2024-05-04 trxh.xyz trxh.xyz trxq.xyz trxu.xyz # https://bird.makeup/users/merlax_/statuses/1786179599346401698 # Added on: 2024-05-04 dramarcelarodriguesd.com linkcarconsorcios.simple-url.com # https://infosec.exchange/@jeromesegura/112378185968829608 # Added on: 2024-05-04 saltysour.com advanced-ip-scan.org giaoanso.com # https://cloud.google.com/blog/topics/threat-intelligence/untangling-iran-apt42-operations?linkId=9736774 # Added on: 2024-05-04 acconut-signin.com account-signin.com accounts-mails.com accredit-validity.online accurate-sprout-porpoise.glitch.me activity-permission.online admin-stable-right.top admiscion.online admit-roar-frame.top advission.online affect-fist-ton.online aspenlnstitute.org avid-striking-eagerness.online azadlliq.info beaviews.online besvision.top bitly.org.il bloom-flatter-affably.top book-download.shop bq-ledmagic.online briview.online businesslnsider.org chat-services.online check-online-panel.live check-pabnel-status.live check-panel-status.live check-short-panel.live confirmation-process.top connection-view.online continue-meeting.site continue-recognized.online coordinate.icu cvisiion.online d75.site daemon-mailer.co daemon-mailer.info dloffice.buzz dloffice.top drive-access.site drive-file-share.site ecomonist.org email-daemon.biz email-daemon.biz.tinurls.com email-daemon.online email-daemon.online.tinurls.com email-daemon.site endorsement-services.online eocnomist.com foreiqnaffairs.com foreiqnaffairs.org forieqnaffairs.com fortune-retire-home.top g-online.org geaviews.site glory-uplift-vouch.online go-conversation.lol go-forward.quest gview.site home-continue.online home-proceed.online identifier-direction.site indication-service.online israelhayum.com join-paneling.online jpost.press jpostpress.com khaleejtimes.org khalejtimes.org ksview.top last-check-leave.buzz litby.us live-project-online.live live-projects-online.top loriginal.online m85.online maariv.net mail-roundcube.site mailer-daemon.info mailer-daemon.us mailerdaemon.online mccainlnstitute.org meeting-online.site mterview.site myaccount-signin.com nterview.site online-access.live online-processing.online online-video-services.site ovcloud.online panel-check-short.live panel-live-check.online panel-short-check.live panel-view-short.online panel-view.live panel-view.online panel-views-cheking.live panelchecking.live paneling-viewing.live panels-views-ckeck.live pannel-get-data.us prism-west-candy.glitch.me quomodocunquize.site recognize-validation.online reconsider.site revive-project-live.online s20.site s51.online s59.site short-url.live short-view.online shortenurl.online shorting-ce.live shortingurling.live shortlinkview.live shortulonline.live shoting-urls.live signin-acconut.com signin-accounts.com signin-mail.com signin-mails.com signin-myaccounts.com simple-process-static.top status-short.live stellar-roar-right.buzz support-account.xyz sweet-pinnacle-readily.online tcvision.online themedealine.org timesfisrael.com title-flow-store.online tnt200.mywire.org twision.top ushrt.us vanityfaire.org verify-person-entry.top view-cope-flow.online view-panel.live view-pool-cope.online view-total-step.online viewstand.online viewtop.online virtue-regular-ready.online washingtonlnstitute.org washinqtonpost.press we-transfer.shop ynetnews.press youronlineregister.com youtransfer.live # https://www.validin.com/blog/expanding-apt42-intelligence-with-validin/ # Added on: 2024-05-04 permission-data.online meeting-share.online files-archive.online share-meeting.online modification-check.online direction-check.online allow-permission.online 15248636.site activity-179384736.site web-getdata.site jubilatesee.site online-meeting.site short-modification.site direction-session-verify.site france24.live videocallservice.live paneling-check-live.live paneling-cheking-df.live pnael-checking.live shorting-urling.live short-urling.live shorturling.live 3dauth.live shortoni.live conferencecall.live panel-status-join.live confirm-validation.mywire.org gatestonelnstitute.org atlanticconucil.org continue-recognized.hopto.org review-session.hopto.org session-review.hopto.org confirmation-verify.hopto.org confirm-validity.hopto.org businessinssider.org responsiblestatcraft.org safeshortl.ink clarification.network products-services.network accredit.network recognize-validation.theworkpc.com accounts-drive.com account-drive.com atlanticcuoncil.com drive-signin.com account-siqnin.com confirm-verify.servepics.com tinurls.com drive-acconuts.com drive-account.com drive-acconut.com centrallibrary.info elated-supportive-exultation.top un-call.services continue-recognized.ddns.net eatonthehotground.ddns.net schoolofpinkmice.ddns.net identifier-service.ddns.net verify-corroborate.ddns.net digitalpufferfish.ddns.net validation-confirm.ddns.net flowerskindergarten.ddns.net identity-session.ddns.net confirm-validation.ddns.net oceanofinformation.ddns.net confirm-direction.ddns.net strainitiatives.ddns.net identifier-direct.ddns.net ourredbucket.ddns.net validity-accredit.ddns.net thefireisburnt.ddns.net africanblackwidow.ddns.net modification-verify.ddns.net identifier-verify.ddns.net direction-veracity.ddns.net accredit-validity.ddns.net confirm-integrity.ddns.net # https://rmceoin.github.io/malware-analysis/2024/05/07/clearfake2.html # Added on: 2024-05-08 akademipraktik.com rtattack.baqebei1.online valentinedaycard.com # https://www.zscaler.com/blogs/security-research/hijackloader-updates # Added on: 2024-05-08 discussiowardder.website # https://bird.makeup/users/validinllc/statuses/1785403121323090320 # Added on: 2024-05-08 wetaxnote.site nexons.shop koreaair.shop linkedlri.cloud # https://bird.makeup/users/validinllc/statuses/1784948155051610425 # Added on: 2024-05-08 wsj.webserve.workers.dev fl.samsungshopify.ir fl.7s9r.ir fl.derakhtedaneshi.ir arts.spotylife.ir sub.nimartltd.ir wsj.pm flcdn.samsungshopify.ir arts.ghazalamini.ir nimartltd.ir testsite2023.store fl.aghanima.ir flcdn.7s9r.ir smtl.spotylife.ir wls.lbcc.workers.dev fl.daryayebikaran.ir ghazalamini.ir hero.morphling.ir fl.nimartltd.ir www.wsj.pm flcdn.youroldgames.ir flcdn.asbeabijoon.ir irc2.spotylife.ir cnwsj.2060y.workers.dev financial.patrickring.net cdn.ghazalamini.ir herkolvg.amir27386.win mrfl.morphling.ir www.testsite2023.store fl.libraryriazi.ir irc7.spotylife.ir irc5.spotylife.ir irc13.spotylife.ir irc11.spotylife.ir flcdn.aronafsharmeds.ir fl.aronafsharmeds.ir irc10.spotylife.ir www.finacial.patrickring.net flcdn.myoldgames.ir flcdn.daryayebikaran.ir fl.musicbarani.ir irc6.spotylife.ir srv2.spotylife.ir home.morphling.ir # https://infosec.exchange/@jeromesegura/112406682440389464 # Added on: 2024-05-08 inkckape.org utm-adschuk.com # https://www.elastic.co/security-labs/spring-cleaning-with-latrodectus # Added on: 2024-05-24 aytobusesre.com scifimond.com gyxplonto.com neaachar.com # https://bird.makeup/users/whichbufferarda/statuses/1581332837814636545 # Added on: 2024-05-24 bayraktar.fun # https://bird.makeup/users/whichbufferarda/statuses/1580639899786452992 # Added on: 2024-05-24 redirect7292.buzz # https://bird.makeup/users/whichbufferarda/statuses/1607461599756931074 # Added on: 2024-05-24 trbiriumpa.com # https://bird.makeup/users/whichbufferarda/statuses/1614712865834864641 # Added on: 2024-05-24 rfnajpy-qrn-8.ml # https://bird.makeup/users/whichbufferarda/statuses/1656989819589763072 # Added on: 2024-05-24 safe.doc-share.cloud # https://research.checkpoint.com/2024/sharp-dragon-expands-towards-africa-and-the-caribbean/ # Added on: 2024-05-24 schemas.openxmlformats.shop dueog.xyz # https://infosec.exchange/@jeromesegura/112496851989094715 # Added on: 2024-05-24 calenserty.com # https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/hellhounds-operation-lahat-part-2/ # Added on: 2024-05-26 beacon.net.eu.org c.glb-ru.info claudfront.net maxpatrol.net nsdps.cc rcsmf100.net wmssh.com dw-filter.com net-sensors.net mvs05.zyns.com # https://asec.ahnlab.com/ko/65918/ # Added on: 2024-05-28 www.yah00.o-r.kr www.aslark.kro.kr www.aslark1.kro.kr www.lazor.kro.kr www.devf.n-e.kr www.lazor.kro.kr www.lfgu.n-e.kr www.lazor.kro.kr www.luvb.n-b.kr www.navver.o-r.kr w3.navver.o-r.kr www.kepir.p-e.kr www.kepir.p-e.kr # https://www.zscaler.com/blogs/security-research/technical-analysis-anatsa-campaigns-android-banking-malware-active-google # Added on: 2024-05-28 becorist.com menusand.com # https://www.microsoft.com/en-us/security/blog/2024/05/28/moonstone-sleet-emerges-as-new-north-korean-threat-actor-with-new-bag-of-tricks/ # Added on: 2024-05-29 bestonlinefilmstudio.org blockchain-newtech.com ccwaterfall.com chaingrown.com defitankzone.com detankwar.com freenet-zhilly.org matrixane.com pointdnt.com starglowventures.com mingeloem.com # https://www.esentire.com/blog/fake-browser-updates-delivering-bitrat-and-lumma-stealer # Added on: 2024-05-30 chatgpt-app.cloud demonstationfukewko.shop tolerateilusidjukl.shop accountasifkwosov.shop liabilitynighstjsko.shop shortsvelventysjo.shop productivelookewr.shop alcojoldwograpciw.shop incredibleextedwj.shop shatterbreathepsw.shop # https://infosec.exchange/@jeromesegura/112531661509144906 # Added on: 2024-05-31 concuur.net concuur.org concuur.com concur2024.com # https://blog.cloudflare.com/disrupting-flyingyeti-campaign-targeting-ukraine # Added on: 2024-06-01 worker-polished-union-f396.vqu89698.workers.dev postdock.serveftp.com # https://infosec.exchange/@jeromesegura/112539034214016536 # Added on: 2024-06-01 angryipo.org cdn-web-server1.techserver01.workers.dev # https://www.zscaler.com/blogs/security-research/operation-endgame-smoke # Added on: 2024-06-01 akmedia.in bethesdaserukam.org galandskiyher5.com gxutc2c.com host-file-host6.com host-host-file8.com humman.art kkudndkwatnfevcaqeefytqnh.top nidoe.org nuljjjnuli.org servermlogs27.xyz trad-einmyus.com trybobry.com.ua uohhunkmnfhbimtagizqgwpmv.to vacantion18ffeu.cc whxzqkbbtzvdyxdeseoiyujzs.co # https://www.fortinet.com/blog/threat-research/menace-unleashed-excel-file-deploys-cobalt-strike-at-ukraine # Added on: 2024-06-03 goudieelectric.shop simonandschuster.shop # https://infosec.exchange/@rmceoin/112554574109218956 # Added on: 2024-06-03 helpout.live www.screenleap.com here.valuedpost.com # https://www.threatdown.com/blog/clearfake-walkthrough-06-03-2024/ # Added on: 2024-06-04 pley.es s9l0w7n3y5.xyz drinkresources.rest grazeinnocenttyyek.shop horsedwollfedrwos.shop patternapplauderw.shop understanndtytonyguw.shop considerrycurrentyws.shop messtimetabledkolvk.shop detailbaconroollyws.shop deprivedrinkyfaiir.shop relaxtionflouwerwi.shop artservice.online # https://blog.talosintelligence.com/new-banking-trojan-carnavalheist-targets-brazil/ # Added on: 2024-06-05 notafiscaleletronica.nf-e.pro nota-fiscal.nfe-digital.top nfe-visualizer.app.br adobe-acrobat-visualizer.brazilsouth.cloudapp.azure.com abrir-documento-adobe-reader-1.brazilsouth.cloudapp.azure.com # https://infosec.exchange/@kyleehmke/112565479776991772 # Added on: 2024-06-07 owamfa.email # https://infosec.exchange/@jeromesegura/112567166509525129 # Added on: 2024-06-08 angry-ip.org angry-ip.com # https://news.sophos.com/en-us/2024/06/05/operation-crimson-palace-a-technical-deep-dive/ # Added on: 2024-06-08 cloud.keepasses.com scancenter.trendrealtime.com associate.feedfoodconcerning.info associate.freeonlinelearningtech.com msudapis.info associate.freeonlinelearning.com message.ooguy.com www.googlespeedtest33.com # https://asec.ahnlab.com/en/66300/ # Added on: 2024-06-08 jenniferwelsh.com mylittlecabbage.net linktoxic34.com dogmupdate.com www.rockcreekdds.com flexiblemaria.com # https://www.trendmicro.com/en_us/research/24/f/commando-cat-a-novel-cryptojacking-attack-.html # Added on: 2024-06-08 leetdbs.anondns.net # https://cert.gov.ua/article/5098518 # Added on: 2024-06-08 goudieelectric.shop thevegan8.shop simonandschuster.shop everything-everywhere.at.ply.gg carpetmarker.pw # https://www.deepinstinct.com/blog/uncorking-old-wine-zero-day-cobalt-strike-loader # Added on: 2024-06-08 weavesilk.space petapixel.fun # https://blog.talosintelligence.com/darkgate-remote-template-injection/ # Added on: 2024-06-08 badbutperfect.com withupdate.com irreceiver.com backupitfirst.com goingupdate.com buassinnndm.net # https://www.fortinet.com/blog/threat-research/new-agent-tesla-campaign-targeting-spanish-speaking-people # Added on: 2024-06-08 ilang.in equalizerrr.duckdns.org uploaddeimagens.com.br ftp.fosna.net # https://infosec.exchange/@jeromesegura/112577476268648811 # Added on: 2024-06-09 homemadedeliciousfood.site # https://jp.security.ntt/tech_blog/controlplug # Added on: 2024-06-12 versaillesinfo.com lifeyomi.com profilepimpz.com lebohdc.com shreyaninfotech.com buyinginfo.org gulfesolutions.com # https://www.genians.co.kr/blog/threat_intelligence/interview # Added on: 2024-06-12 temp.demetradesign.it orientedworld.com profilepimpz.com # https://cyble.com/blog/vietnamese-entities-targeted-by-china-linked-mustang-panda-in-cyber-espionage/ # Added on: 2024-06-12 mega.vlvlvlvl.site payment.tripadviso.online vibm.vn megacybernews.com # https://www.zscaler.com/blogs/security-research/technical-analysis-latest-variant-valleyrat # Added on: 2024-06-12 2024aasaf.oss-cn-hongkong.aliyuncs.com wenjian2024.com 2024fapiao.oss-cn-hongkong.aliyuncs.com scpgjhs.com tzsxr.com mtw.so kfurl.cn fpwenj.zhangyaodong5.com # https://infosec.exchange/@rmceoin/112599816162244210 # Added on: 2024-06-13 blocking.lunavattuone.com urchin-app-2-p3hvj.ondigitalocean.app # https://infosec.exchange/@rmceoin/112599178323249088 # Added on: 2024-06-13 2collar.agrcwv.org # https://infosec.exchange/@threatinsight/112615827278929440 # Added on: 2024-06-16 www.datatrail.xyz www.todaystrackisfast.com hoawaa.top hebrewgoo.shop # https://infosec.exchange/@jeromesegura/112617737921756086 # Added on: 2024-06-16 wiindirstat.net pan-vital.com # https://www.welivesecurity.com/en/eset-research/arid-viper-poisons-android-apps-with-aridspy/ # Added on: 2024-06-17 gameservicesplay.com crashstoreplayer.website reblychat.com proj3-1e67a.firebaseio.com proj-95dae.firebaseio.com proj-2bedf.firebaseio.com proj-54ca0.firebaseio.com project44-5ebbd.firebaseio.com www.palcivilreg.com analyticsandroid.com almoshell.website orientflags.com elsilvercloud.com www.lapizachat.com lapizachat.com alwaysgoodidea.com nortirchats.com ultraversion.com # https://blog.talosintelligence.com/cosmic-leopard/ # Added on: 2024-06-17 androidmetricsasia.com dl01.mozillasecurity.com officelibraries.com javacdnlib.com windowsupdatecloud.com webbucket.co.uk craftwithme.uk sexyber.net rockamore.co.uk androidsdkstream.com playstoreapi.net sdklibraries.com cvscout.uk zclouddrive.com jdklibraries.com cloudieapp.net androidadbserver.com androidwebkit.com teraspace.co.in # https://infosec.exchange/@cyberamateur/112631981353141384 # Added on: 2024-06-18 x99y.xyz ebaafrance.fr # https://bird.makeup/users/1zrr4h/statuses/1801010397069087017 # Added on: 2024-06-18 mbycket45344.s3.eu-north-1.amazonaws.com # https://infosec.exchange/@jeromesegura/112651000556454989 # Added on: 2024-06-21 frecad3ds.org # https://research.checkpoint.com/2024/rafel-rat-android-malware-from-espionage-to-ransomware-operations/ # Added on: 2024-06-21 districtjudiciarycharsadda.gov.pk kafila001.000webhostapp.com uni2phish.ru zetalinks.tech ashrat.000webhostapp.com bazfinc.xyz discord-rat23.000webhostapp.com # https://infosec.exchange/@jeromesegura/112656125028915509 # Added on: 2024-06-22 advanc3d-1p-scan3r.com advanced-ip-scanner.f1pq.com # https://www.recordedfuture.com/redjuliett-intensifies-taiwanese-cyber-espionage-via-network-perimeter # Added on: 2024-06-25 cktime.ooguy.com www.sofeter.ml www.dns361.tk # https://blog.talosintelligence.com/sneakychef-sugarghost-rat/ # Added on: 2024-06-25 account.drive-google-com.tk account.gommask.online # https://infosec.exchange/@monitorsg/112661897529894106 # Added on: 2024-06-25 mdasidy72.mom weoleycastletaxis.co.uk weoleycastletaxis.co.uk # https://infosec.exchange/@jeromesegura/112672583185561736 # Added on: 2024-06-25 arcthost.org arc-download.com zestyahhdog.com # https://asec.ahnlab.com/ko/67034/ # Added on: 2024-06-26 beebeep.info www.jikji.pe.kr