ioc[.]one - OSINT Cyber Threat Intelligence Database

SEO Poisoning Campaigns Target Browser Installers and Crypto Sites, Spreading Poseidon, GhostRAT & More

Tags

cmtmf-attack-pattern:	Masquerading
country:	Hong Kong
maec-delivery-vectors:	Watering Hole
attack-pattern:	Botnet - T1583.005 Botnet - T1584.005 Domains - T1583.001 Domains - T1584.001 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Masquerading - T1655 System Information Discovery - T1426 Seo Poisoning - T1608.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Masquerading - T1036 System Information Discovery - T1082 Masquerading

Show in Graph

Common Information

Type	Value
UUID	28ad0a3a-99ab-48c8-bd74-e80ab1f94a31
Fingerprint	a01c8959c93aa516
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 3, 2024, midnight
Added to db	Oct. 9, 2024, 8:27 p.m.
Last updated	Nov. 14, 2024, 4:12 p.m.
Headline	SEO Poisoning Campaigns Target Browser Installers and Crypto Sites, Spreading Poseidon, GhostRAT & More
Title	SEO Poisoning Campaigns Target Browser Installers and Crypto Sites, Spreading Poseidon, GhostRAT & More
Detected Hints/Tags/Attributes	51/4/16

Source URLs

	Redirection	Url
Details	Source	https://hunt.io/blog/seo-poisoning-campaigns-target-browser-installers-and-crypto-sites-spreading-poseidon-ghostrat-more

URL Provider

Details	Provider	Source level domain
Details	hunt.io	hunt.io

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		tradingview.zip
Details	Domain	1		aicoin.la
Details	Domain	57		hunt.io
Details	File	1		sleipnir_setup.dmg
Details	File	1		tradingview.zip
Details	File	2		tradingview.exe
Details	File	1		aicoin.apk
Details	File	1		aicoin.dmg
Details	File	1		signalsetup.msi
Details	sha1	1		7f9f68c91675e06745c7567d3baa563616fe8b7d
Details	sha1	1		b91d8478178eb80c1b490fe62fa534aaef47c154
Details	sha1	1		71b510fa5dc20fd55218c1decf3db65b0f4c9377
Details	sha1	1		7c73f1df9d1f9708bcf84617c52ef3c4fe9ce87c
Details	sha1	1		91ddde751f30248348d70511de79ec394d5ed33f
Details	sha1	1		3426ce901e21b195e4609153c509b595b71edeb2
Details	Url	1		http://79.137.192_4/p2p