ioc[.]one - OSINT Cyber Threat Intelligence Database

Mass WordPress compromises redirect to tech support scams | Malwarebytes Labs

Tags

cmtmf-attack-pattern:	Traffic Distribution
attack-pattern:	Dns - T1071.004 Dns - T1590.002 Javascript - T1059.007 Whois - T1596.002

Show in Graph

Common Information

Type	Value
UUID	a83b87cb-19d8-4019-97ba-c3b484a01653
Fingerprint	4c01515391215358
Analysis status	DONE
Considered CTI value	0
Text language
Published	Sept. 20, 2018, midnight
Added to db	Jan. 18, 2023, 8:35 p.m.
Last updated	Oct. 31, 2024, 11:45 a.m.
Headline	Mass WordPress compromises redirect to tech support scams
Title	Mass WordPress compromises redirect to tech support scams \| Malwarebytes Labs
Detected Hints/Tags/Attributes	21/2/15

Source URLs

	Redirection	Url
Details	Source	https://blog.malwarebytes.com/threat-analysis/2018/09/mass-wordpress-compromises-tech-support-scams/

URL Provider

Details	Provider	Source level domain
Details	malwarebytes.com	blog.malwarebytes.com

Attributes

Details	Type	#Events	CTI	Value
Details	File	74		main.js
Details	IPv4	1		137.74.150.112
Details	IPv4	1		51.255.157.138
Details	Domain	1		examhome.net
Details	Domain	4		1a7ea920.bitcoin-dns.hosting
Details	Domain	3		a8332f3a.bitcoin-dns.hosting
Details	Domain	3		ad636824.bitcoin-dns.hosting
Details	Domain	1		mp3menu.org
Details	Domain	1		uustoughtonma.org
Details	Domain	1		ejyoklygase.tk
Details	Domain	1		ads.voipnewswire.net
Details	Domain	1		cdn.allyouwant.online
Details	File	1		ad.js
Details	IPv4	1		37.139.5.74
Details	IPv4	1		23.163.0.39