MasquerAds IOCs

phishing IOC

A recently discovered technique for abusing Google's powerful advertising platform, Google ad-words, is leading to the mass distribution of fraudulent promoted search results. The ads point to seemingly trustworthy advertised sites that are fully controlled by threat actors. These sites are used to disguise the destination and redirect users who click the ads to malicious phishing pages, and they gain the strong credibility and targeting capabilities of Google search results.

By adding tailored payloads, threat actors raise the bar for successfully delivering malware to personal PCs using ad keywords such as Grammarly, Malwarebytes and Afterburner, as well as Visual Studio, Zoom, Slack and even Dashlane to target organizations.

Indicators of Compromise

IPv4

  • 185.149.120.9
  • 46.8.153.43

Domains


URLs

SEC-1275-1