"Don't feed the toll troll": Silent Push tracks new threat actor (IMP-1G) engaging in SMS phishing activities, targeting US and Canadian public services. 100+ IOFA domains discovered, with only 10% known to authorities. - Silent Push
Tags
| country: | Colombia Georgia |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Data Datasets Domains - T1583.001 Domains - T1584.001 Hardware - T1592.001 Impersonation - T1656 Malicious Link - T1204.001 Phishing - T1660 Phishing - T1566 Sms Messages - T1636.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 53aad2f4-4244-4a2f-9efb-a2c6fb05b1b6 |
| Fingerprint | 6fbb7651821ac1f2 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Oct. 10, 2024, 12:11 p.m. |
| Added to db | Oct. 14, 2024, 10:37 a.m. |
| Last updated | Nov. 19, 2024, 3:48 p.m. |
| Headline | "Don't feed the toll troll": Silent Push tracks new threat actor (IMP-1G) engaging in SMS phishing activities, targeting US and Canadian public services. 100+ IOFA domains discovered, with only 10% known to authorities. |
| Title | "Don't feed the toll troll": Silent Push tracks new threat actor (IMP-1G) engaging in SMS phishing activities, targeting US and Canadian public services. 100+ IOFA domains discovered, with only 10% known to authorities. - Silent Push |
| Detected Hints/Tags/Attributes | 47/3/86 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.silentpush.com/blog/imp-1g-smishing/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | nycitypayinvoice.com |
|
| Details | Domain | 2 | southernconnectortolls.com |
|
| Details | Domain | 2 | uspsmailupdate.com |
|
| Details | Domain | 2 | gapeachpasstolls.com |
|
| Details | Domain | 2 | paturnpikeinvoices.com |
|
| Details | Domain | 3 | bcpay-infraction.com |
|
| Details | Domain | 3 | us-courtweb.com |
|
| Details | Domain | 2 | drive-ks.org |
|
| Details | Domain | 3 | a25-bridgepayment.com |
|
| Details | Domain | 3 | alberta-accounts.com |
|
| Details | Domain | 3 | alberta-infractions.com |
|
| Details | Domain | 3 | alberta-traffictickets.com |
|
| Details | Domain | 3 | bayareafastrak-fees.com |
|
| Details | Domain | 2 | bayareafastrakexpresslane.com |
|
| Details | Domain | 2 | bayareafastrakinvoice.com |
|
| Details | Domain | 2 | bayareafastrakinvoices.com |
|
| Details | Domain | 2 | bayareafastrakstolls.com |
|
| Details | Domain | 3 | bayareasf-fastrak.com |
|
| Details | Domain | 3 | bc-fine.com |
|
| Details | Domain | 3 | bc-infractions.com |
|
| Details | Domain | 3 | bcpay-accounts.com |
|
| Details | Domain | 3 | canadapost-packagecenter.com |
|
| Details | Domain | 2 | depositetransfercanada.com |
|
| Details | Domain | 3 | epcor-account.com |
|
| Details | Domain | 2 | expresstollinvoice.com |
|
| Details | Domain | 2 | ezdrivemas.com |
|
| Details | Domain | 2 | ezdrivematoll.com |
|
| Details | Domain | 2 | ezdrivematolls.com |
|
| Details | Domain | 3 | fastrak-payment.com |
|
| Details | Domain | 2 | floridasunpassinvoice.com |
|
| Details | Domain | 2 | flpayheresunpass.com |
|
| Details | Domain | 2 | flsunpasspayhere.com |
|
| Details | Domain | 2 | illinoistollwayinvoice.com |
|
| Details | Domain | 2 | indianatollroads.com |
|
| Details | Domain | 2 | invoicesezdrivematolls.com |
|
| Details | Domain | 2 | mygoodtogoinvoice.com |
|
| Details | Domain | 2 | mysunpassinvoices.com |
|
| Details | Domain | 2 | mysunpasstollsinvoices.com |
|
| Details | Domain | 2 | ncquickpassinvoice.com |
|
| Details | Domain | 2 | nycitypaynotice.com |
|
| Details | Domain | 2 | nycitypayparking.com |
|
| Details | Domain | 2 | oh-lanes.com |
|
| Details | Domain | 2 | ohioturnpiketolls.org |
|
| Details | Domain | 3 | ontario-courtspayment.com |
|
| Details | Domain | 3 | ontariocanadacourt.com |
|
| Details | Domain | 3 | ontariocourts-setfines-ca.com |
|
| Details | Domain | 3 | ontariocourts-webpayment.com |
|
| Details | Domain | 3 | ontariowebcourt-ca.com |
|
| Details | Domain | 2 | paturnpikestolls.com |
|
| Details | Domain | 2 | paturnpiketollsinvoices.com |
|
| Details | Domain | 2 | pay-directnow.app |
|
| Details | Domain | 3 | paybc-account.com |
|
| Details | Domain | 3 | paybc-fine.com |
|
| Details | Domain | 3 | paybc-infraction.com |
|
| Details | Domain | 2 | peachpasstolls.com |
|
| Details | Domain | 2 | peachpasstollservices.com |
|
| Details | Domain | 2 | revenuecanadadeposit.com |
|
| Details | Domain | 2 | rmatollservices.com |
|
| Details | Domain | 3 | service-courtus.com |
|
| Details | Domain | 2 | sunpassinvoice.com |
|
| Details | Domain | 2 | sunpassinvoices.com |
|
| Details | Domain | 2 | sunpassinvoicestolls.com |
|
| Details | Domain | 2 | sunpasstollcheckout.com |
|
| Details | Domain | 2 | sunpasstollinvoices.com |
|
| Details | Domain | 2 | tennessetollinvoices.com |
|
| Details | Domain | 2 | texasrmatoll.com |
|
| Details | Domain | 2 | tollon407-etr.com |
|
| Details | Domain | 2 | tollservicesma.com |
|
| Details | Domain | 3 | uscourt-ticket.com |
|
| Details | Domain | 2 | nycitypay.com |
|
| Details | Domain | 2 | sunpasstollsbill.com |
|
| Details | Domain | 2 | tollbymailsnyinvoice.com |
|
| Details | Domain | 2 | tollsbymailnyinvoice.com |
|
| Details | Domain | 2 | tollsbymailsinvoices.com |
|
| Details | Domain | 2 | inx-132244.shop |
|
| Details | Domain | 3 | services-ledger-hardware.com |
|
| Details | Domain | 3 | support-theta-token.com |
|
| Details | IPv4 | 2 | 176.123.1.122 |
|
| Details | IPv4 | 2 | 107.189.16.129 |
|
| Details | IPv4 | 2 | 185.12.14.83 |
|
| Details | IPv4 | 2 | 80.249.144.196 |
|
| Details | IPv4 | 2 | 77.232.41.192 |
|
| Details | IPv4 | 2 | 91.142.78.221 |
|
| Details | IPv4 | 2 | 195.133.48.87 |
|
| Details | IPv4 | 2 | 62.106.66.180 |
|
| Details | IPv4 | 2 | 194.36.188.32 |