Incident report: Spotting SocGholish WordPress injection - Expel
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID 41923ef6-7cd2-45ff-a78f-72a94ddd57dd
Fingerprint b41531928b24702c
Analysis status DONE
Considered CTI value 0
Text language
Published July 22, 2021, 2:17 p.m.
Added to db Sept. 26, 2022, 9:34 a.m.
Last updated Oct. 14, 2024, 9:51 p.m.
Headline Incident report: Spotting SocGholish WordPress injection
Title Incident report: Spotting SocGholish WordPress injection - Expel
Detected Hints/Tags/Attributes 37/2/7
Source URLs
Redirection Url
Details Source https://expel.com/blog/incident-report-spotting-socgholish-wordpress-injection/
Details Source https://expel.io/blog/incident-report-spotting-socgholish-wordpress-injection/
URL Provider
Details Provider Source level domain
Details expel.com expel.com
Details expel.io expel.io
Attributes
Details Type #Events CTI Value
Details Domain 1 
services.accountabilitypartner.com
Details Domain 2 
drpease.com
Details Domain 3 
notify.aproposaussies.com
Details File 22 
update.js
Details File 2 
pixel.png
Details IPv4 2 
195.189.96.41
Details IPv4 3 
179.43.169.30