Roaming Mantis Uses DNS Changers to Target Users via Compromised Public Routers
Tags
country: Austria Malaysia Germany France India Japan South Korea
maec-delivery-vectors: Watering Hole
attack-pattern: Data Direct Model Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Dns Server - T1583.002 Dns Server - T1584.002 Firmware - T1592.003 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004
Show in Graph
Common Information
Type Value
UUID 446172e8-c5a1-4f32-8e16-8e203a6a34d9
Fingerprint e78589199e387260
Analysis status DONE
Considered CTI value 0
Text language
Published Jan. 19, 2023, 6:54 p.m.
Added to db Jan. 19, 2023, 10:44 p.m.
Last updated Nov. 17, 2024, 5:54 p.m.
Headline Roaming Mantis Uses DNS Changers to Target Users via Compromised Public Routers
Title Roaming Mantis Uses DNS Changers to Target Users via Compromised Public Routers
Detected Hints/Tags/Attributes 53/3/2
Source URLs
Redirection Url
Details Source https://www.darkreading.com/remote-workforce/roaming-mantis-uses-dns-changers-to-target-users-via-compromised-public-routers
URL Provider
Details Provider Source level domain
Details darkreading.com www.darkreading.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 403 
securelist.com
Details Domain 18 
usa.kaspersky.com