ioc[.]one - OSINT Cyber Threat Intelligence Database

Triad Nexus: Silent Push exposes FUNNULL CDN's ongoing corruption efforts, hosting DGA bulk domains for suspect Chinese gambling sites, investment scams, a retail phishing campaign, and a supply chain attack impacting 110,000+ sites - Silent Push

Tags

country:	China Hong Kong Macao Portugal
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Model Cdns - T1596.004 Code Repositories - T1213.003 Code Repositories - T1593.003 Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Domain Generation Algorithms - T1637.001 Domain Generation Algorithms - T1568.002 Domain Generation Algorithms - T1520 Domain Generation Algorithms - T1483 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004

Show in Graph

Common Information

Type	Value
UUID	3d00e314-cc84-4332-94d2-e390996f2089
Fingerprint	b9d0919ddb9a978a
Analysis status	DONE
Considered CTI value	0
Text language
Published	Oct. 22, 2024, 3:39 p.m.
Added to db	Oct. 22, 2024, 5:42 p.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	Triad Nexus: Silent Push exposes FUNNULL CDN's ongoing corruption efforts, hosting DGA bulk domains for suspect Chinese gambling sites, investment scams, a retail phishing campaign, and a supply chain attack impacting 110,000+ sites
Title	Triad Nexus: Silent Push exposes FUNNULL CDN's ongoing corruption efforts, hosting DGA bulk domains for suspect Chinese gambling sites, investment scams, a retail phishing campaign, and a supply chain attack impacting 110,000+ sites - Silent Push
Detected Hints/Tags/Attributes	92/3/97

Source URLs

	Redirection	Url
Details	Source	https://www.silentpush.com/blog/triad-nexus-funnull/?utm_source=rss&utm_medium=rss&utm_campaign=triad-nexus-funnull

URL Provider

Details	Provider	Source level domain
Details	silentpush.com	www.silentpush.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	496	✔	Silent Push	https://www.silentpush.com/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Autonomous System Number	2	AS152194
Details	Autonomous System Number	2	AS45753
Details	Autonomous System Number	2	AS55933
Details	Autonomous System Number	14	AS8075
Details	Autonomous System Number	25	AS16509
Details	Domain	18	polyfill.io
Details	Domain	2	7419255.com
Details	Domain	2	onbuy.com
Details	Domain	3	vk6a2rmn-u.funnull.vip
Details	Domain	3	fn03.vip
Details	Domain	2	cmegrouphkpd.info
Details	Domain	3	hiflyk47344.top
Details	Domain	3	vk6a2rmn-u.funnull01.vip
Details	Domain	3	funnull.vip
Details	Domain	3	funnull01.vip
Details	Domain	2	funnull.com
Details	Domain	4	funnull.io
Details	Domain	5	acb.bet
Details	Domain	3	t25556.com
Details	Domain	3	6289.com
Details	Domain	2	threevip.cc
Details	Domain	2	15991t.com
Details	Domain	4127	github.com
Details	Domain	2	xianludh.github.io
Details	Domain	1174	gmail.com
Details	Domain	2	aensnn.com
Details	Domain	3	aldo.shopaldo1.com
Details	Domain	2	aldosopy.comh5.aldosop.com
Details	Domain	3	asda.aseasda.com
Details	Domain	2	asda.assedda.comasda.assedaa.com
Details	Domain	3	bcbdsgs.com
Details	Domain	3	bonanza.jdfraa.com
Details	Domain	2	jdfraa.shopjdfroa.com
Details	Domain	3	cartier.cartierate.com
Details	Domain	3	casher.cashewargi.com
Details	Domain	3	cjmall01.com
Details	Domain	3	ebate.ebatshop.com
Details	Domain	3	ebay.ebayshoo.com
Details	Domain	2	eby.ebayshos.comeby.ebanyshop.com
Details	Domain	3	etsy.etsyshop1.com
Details	Domain	3	haodeac.com
Details	Domain	3	lotasea.com
Details	Domain	3	marcus.marcudk.com
Details	Domain	2	marcus.marcudk.netmarcus.marcufu.net
Details	Domain	3	tiffa.tiffyfy.net
Details	Domain	3	sonbuyre.com
Details	Domain	2	sonbuyue.comsonbuyue.net
Details	Domain	3	sakoffhue.com
Details	Domain	2	sakoffirg.comsakofforg.net
Details	Domain	3	giltql.net
Details	Domain	2	giltbl.comgiltql.com
Details	Domain	3	coachoph.com
Details	Domain	2	coachbir.comcoachoig.com
Details	Domain	3	milvmhshop.com
Details	Domain	2	slvmgo.netslvmgo.com
Details	Domain	2	inditex.com
Details	Domain	3	inditetx.net
Details	Domain	2	inditetx.topinditetx.com
Details	Domain	3	valentinogtm.com
Details	Domain	2	coroexchange.com
Details	Domain	3	bootcdn.net
Details	Domain	4	bootcss.com
Details	Domain	3	staticfile.net
Details	Domain	3	staticfile.org
Details	Domain	3	www.cmegrouphkpd.info
Details	Domain	3	aldosopy.com
Details	Domain	3	h5.aldosop.com
Details	Domain	3	asda.assedda.com
Details	Domain	3	asda.assedaa.com
Details	Domain	3	jdfraa.shop
Details	Domain	3	jdfroa.com
Details	Domain	3	eby.ebayshos.com
Details	Domain	3	eby.ebanyshop.com
Details	Domain	3	marcus.marcudk.net
Details	Domain	3	marcus.marcufu.net
Details	Domain	3	sonbuyue.com
Details	Domain	3	sonbuyue.net
Details	Domain	3	sakoffirg.com
Details	Domain	3	sakofforg.net
Details	Domain	3	giltbl.com
Details	Domain	3	giltql.com
Details	Domain	3	coachbir.com
Details	Domain	3	coachoig.com
Details	Domain	3	slvmgo.net
Details	Domain	3	slvmgo.com
Details	Domain	3	inditetx.top
Details	Domain	3	inditetx.com
Details	Domain	3	s97988.com
Details	Domain	3	s3958.com
Details	Domain	3	r4113.com
Details	Domain	3	r0944.com
Details	Domain	3	k76697.com
Details	Email	2	gushi083@gmail.com
Details	File	3	tiffa.tif
Details	File	2	logins.html
Details	File	2	do_login.html
Details	IPv4	2	137.220.202.236