Threat Actors Push ClickFix Fake Browser Updates Using Stolen Credentials 
Common Information
UUID: 7d3508b3-d23e-43bf-a7ff-b4b89f8dd692
Fingerprint: a42051098fff3f4b
Analysis status: DONE
Considered CTI value: 0
Text language:
Published: Oct. 17, 2024, 10:39 a.m.
Added to db: Oct. 22, 2024, 2:51 p.m.
Last updated: Nov. 17, 2024, 9:42 p.m.
Headline: Threat Actors Push ClickFix Fake Browser Updates Using Stolen Credentials
Title: Threat Actors Push ClickFix Fake Browser Updates Using Stolen Credentials
Detected Hints/Tags/Attributes: 62/3/47
Attributes