The Hacker Infrastructure and Underground Hosting: Services Used by Criminals
Common Information

UUID: 4903fa57-f6ac-46c5-9609-b48192712f62
Fingerprint: f138dac1ba5a39e55f401d733daab3fd95c78bc2bcba2415d9e73f2f92d8b59a
Analysis status: DONE
Considered CTI value: 1
Text language:
Published: Aug. 26, 2020, 7:18 p.m.
Added to db: April 14, 2024, 11:29 a.m.
Last updated: Aug. 30, 2024, 10:58 p.m.
Headline: The Hacker Infrastructure and Underground Hosting: Services Used by Criminals
Title: The Hacker Infrastructure and Underground Hosting: Services Used by Criminals
Detected Hints/Tags/Attributes: 260/3/86
Attributes

Type | #Events | Value
Domain | 245 | shutterstock.com
Domain | 1 | xxxxxxx.com
Domain | 154 | urlscan.io
Domain | 1 | 35exchanges329p29p7englehart.fun
Domain | 1 | n-dns.hosting
Domain | 1 | 35exchanges329p29p7englehartsafemail-tuduma.fun
Domain | 1 | newport.ooo
Domain | 1 | s-es-05798.ooo
Domain | 1 | s-es-15324.ooo
Domain | 1 | s-es-70263.ooo
Domain | 1 | s-es-89071.ooo
Domain | 1 | lectronica-abanca.ooo
Domain | 2 | rum.org
Domain | 1 | umn.top
Domain | 1 | unm.top
Domain | 1 | uum.top
Domain | 1 | erwalletr.top
Domain | 1 | ermalletr.top
Domain | 1 | erwallett.top
Domain | 1 | erwallets.top
Domain | 21 | letsencrypt.org
Domain | 10 | afraid.org
Domain | 13 | finance.yahoo.com
Domain | 360 | attack.mitre.org
Domain | 604 | www.trendmicro.com
Domain | 19 | www.hybrid-analysis.com
Domain | 2 | grugq.github.io
Domain | 177 | blog.trendmicro.com
Domain | 4127 | github.com
Domain | 3 | boxun.com
Domain | 151 | www.bbc.com
Domain | 403 | securelist.com
Domain | 18 | exchange.xforce.ibmcloud.com
Domain | 261 | blog.talosintelligence.com
Domain | 55 | otx.alienvault.com
Domain | 251 | www.bleepingcomputer.com
Domain | 52 | blog.cloudflare.com
Domain | 14 | www.internetsociety.org
Domain | 4 | www.eurecom.fr
Domain | 202 | krebsonsecurity.com
Domain | 57 | www.theregister.com
Domain | 1 | www.bcsatellite.net
Domain | 2 | forum.mikrotik.com
File | 1 | ukrainian-hacker-sought-us-arrested-152808009.html
File | 1 | cf9014b2.exe
File | 1 | compromised-sites.html
File | 1 | rs-publi-3919.pdf
File | 40 | viewtopic.php
Github username | 1 | trojan-gfw
Github username | 2 | valdikss
Github username | 1 | katmagic
md5 | 1 | a0c4a4b58832c050569ae0d5cd3a5549
MITRE ATT&CK Techniques | 125 | T1110
Url | 1 | https://finance.yahoo.com/news/ukrainian-hacker-sought-us-arrested-152808009.html
Url | 5 | https://attack.mitre.org/techniques
Url | 2 | https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/security-
Url | 5 | https://blog.trendmicro
Url | 1 | https://www.hybrid-analysis.com/sample/d21ebbcbd03f3bd1b185a6d
Url | 1 | https://grugq.github.io/.
Url | 15 | https://blog.trendmicro.com/trendlabs-security-intelligence
Url | 1 | https://blog.trendmicro.com/trendlabs-security-intelligence/cybercriminals-use-malicious-
Url | 1 | https://github.com/trojan-gfw.
Url | 2 | https://github.com/valdikss
Url | 1 | https://boxun.com/news/gb/china/2019/05/201905150940.shtml
Url | 3 | https://www.bbc.com
Url | 1 | https://github.com/katmagic/shallot.
Url | 2 | https://securelist.com/operation-applejeus/87553/.
Url | 9 | https://www.trendmicro.com/vinfo/us/security/news/cybercrime-
Url | 1 | https://exchange.xforce.ibmcloud.com/collection/gandcrab-ransomware-walks-its-way-onto-
Url | 1 | https://blog.talosintelligence.com/2018/05/gandcrab-
Url | 1 | https://blog.trendmicro.com/trendlabs-security-intelligence/chessmasters-new-
Url | 1 | https://blog.trendmicro.com/trendlabs-security-intelligence/xtrat-and-dunihi-
Url | 1 | https://otx.alienvault.com/pulse/59a41117959360468cde5908.
Url | 1 | https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-
Url | 1 | https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-internet-
Url | 1 | https://www.bleepingcomputer.com/news/security/emotet-uses-compromised-devices-as-
Url | 1 | https://blog.cloudflare.com/is-bgp-safe-yet-rpki-routing-security-initiative/.
Url | 1 | https://www.manrs
Url | 1 | https://www.internetsociety.org/blog/2018/04/amazons-route-53-
Url | 1 | http://www.eurecom.fr/en/publication/3919/download/rs-publi-3919.pdf
Url | 1 | https://krebsonsecurity.com/2018/07/notorious-hijack-factory-shunned-from-web/.
Url | 1 | https://www.theregister.com/2018/07/11/bgp_hijacker_booted_off_the_internets_backbone/.
Url | 2 | https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/.
Url | 1 | https://www.bcsatellite.net/satellite-internet-in-kazakhstan/.
Url | 1 | https://forum.mikrotik.com/viewtopic.php?t=9634
Url | 1 | https://www.bleepingcomputer.com/news/security/attackers-earn-over-1-million-in-florida-ransomware-