RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations
Common Information
Type Value
UUID 3d23f245-b8fa-4e8e-a81a-50786010214a
Fingerprint c1482c004fd132fb4cc1d2e09570e1563959cbb434b3a12c27f882c96f645db5
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 15, 2022, 10:15 p.m.
Added to db March 10, 2024, 1:27 a.m.
Last updated Aug. 31, 2024, 3:16 a.m.
Headline RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations
Title RedAlpha Conducts Multi-Year Credential Theft Campaign Targeting Global Humanitarian, Think Tank, and Government Organizations
Detected Hints/Tags/Attributes 113/3/69
Attributes
Details Type #Events CTI Value
Details Threat Actor Identifier - APT 522
APT41
Details Threat Actor Identifier - APT 78
APT3
Details Threat Actor Identifier - APT 278
APT10
Details Threat Actor Identifier - APT 166
APT31
Details Threat Actor Identifier - APT 143
APT40