ioc[.]one - OSINT Cyber Threat Intelligence Database

Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network

Tags

country:	Netherlands Germany
maec-delivery-vectors:	Watering Hole
attack-pattern:	Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Javascript - T1059.007 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Server - T1583.004 Server - T1584.004 Software - T1592.002 Tool - T1588.002 Vulnerabilities - T1588.006 Browser Extensions - T1176 Brute Force - T1110

Show in Graph

Common Information

Type	Value
UUID	aedeecdc-2cfc-4398-99af-157f2c6d9756
Fingerprint	b4201b319c3336c3
Analysis status	DONE
Considered CTI value	0
Text language
Published	Jan. 24, 2023, 2:41 p.m.
Added to db	Feb. 17, 2023, 11:33 p.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network
Title	Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network
Detected Hints/Tags/Attributes	69/3/76

Source URLs

	Redirection	Url
Details	Source	https://blog.sucuri.net/2023/01/massive-campaign-uses-hacked-wordpress-sites-as-platform-for-black-hat-ad-network.html

URL Provider

Details	Provider	Source level domain
Details	sucuri.net	blog.sucuri.net

Attributes

Details	Type	#Events	Value
Details	Domain	1	track.violetlovelines.com
Details	Domain	154	urlscan.io
Details	Domain	1	way.specialblueitems.com
Details	Domain	3	weatherplllatform.com
Details	Domain	1	violetlovelines.com
Details	Domain	1	cdn.violetlovelines.com
Details	Domain	1	track.greengoplatform.com
Details	Domain	1	files.findtrustclicks.com
Details	Domain	1	news.weatherplllatform.com
Details	Domain	1	interestmoments.com
Details	Domain	1	similarwebline.com
Details	Domain	1	long.interestmoments.com
Details	Domain	1	short.interestmoments.com
Details	Domain	1	template.interestmoments.com
Details	Domain	1	similar.similarwebline.com
Details	Domain	1	chestishugli.com
Details	Domain	1	duhestyce.com
Details	Domain	1	dusyguri.com
Details	Domain	1	fujonusy.com
Details	Domain	1	ginepija.com
Details	Domain	1	heglosuty.com
Details	Domain	1	hydothera.com
Details	Domain	1	hyxumuta.com
Details	Domain	1	jefashivy.com
Details	Domain	1	kawunimy.com
Details	Domain	1	ladyphapty.com
Details	Domain	1	laluvygy.com
Details	Domain	1	lebinaphy.com
Details	Domain	1	psihimapto.com
Details	Domain	1	thirawogla.com
Details	Domain	1	tuleceti.com
Details	Domain	1	vozastane.com
Details	Domain	1	whychymithy.com
Details	Domain	1	whujyfali.com
Details	Domain	1	wholegrady.com
Details	Domain	22	hp.com
Details	Domain	1	clean-blocker.com
Details	Domain	2	microsoftedge.microsoft.com
Details	Domain	25	chrome.google.com
Details	Domain	30	addons.mozilla.org
Details	Domain	1175	gmail.com
Details	Domain	1	leveledsures.fun
Details	Domain	4	ezstat.ru
Details	Domain	112	cdn.discordapp.com
Details	Domain	17	setup.zip
Details	Domain	1	setupfilesoftware.zip
Details	Domain	538	pic.twitter.com
Details	Domain	1	specialblueitems.com
Details	Email	1	khavronya923194@gmail.com
Details	Email	1	timursob578@gmail.com
Details	File	2	jack.js
Details	File	1206	index.php
Details	File	1	back.js
Details	File	59	wp-login.php
Details	File	40	jquery.js
Details	File	218	min.js
Details	File	1	simple.js
Details	File	2	global.js
Details	File	2	away.php
Details	File	1	fl-way.php
Details	File	1	bl-way.php
Details	File	1	web-line.php
Details	File	17	setup.zip
Details	File	208	setup.exe
Details	File	1	setupfilesoftware.zip
Details	File	1	wp-reset.php
Details	IPv4	1	208.88.225.119
Details	IPv6	1	2a00:1178:1:4b::17
Details	IPv6	1	2607:fbe0:1:42::17
Details	Url	1	https://track.violetlovelines.com/src/jack.js?v=
Details	Url	1	https://microsoftedge.microsoft.com/addons/detail/lneokhajjamkcciipddlogdbiegmcaim
Details	Url	1	https://chrome.google.com/webstore/detail/crystalblocker/ehhgaobakclpaachikjhcpelknghhbfh
Details	Url	1	https://addons.mozilla.org/en-us/firefox/addon/crystalblocker
Details	Url	1	https://chrome.google.com/webstore/detail/cleanblocker/obhoainpkkkkjeegnbaobapedpfdhbdl.
Details	Url	1	https://ezstat.ru/nolove2
Details	Url	1	https://cdn.discordapp.com/attachments/1063449612435869720/1063535665154896044/setup.zip