Phishing Campaign Steals Credentials Via Watering Hole
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Ip Addresses - T1590.005 Javascript - T1059.007 Phishing - T1660 Phishing - T1566 Search Engines - T1593.002 Server - T1583.004 Server - T1584.004 Social Media - T1593.001
Show in Graph
Common Information
Type Value
UUID b8b1e662-92dc-4cf1-ba16-aa714e18dae2
Fingerprint a6078990191aae6e
Analysis status DONE
Considered CTI value 2
Text language
Published March 28, 2019, midnight
Added to db Oct. 15, 2024, 9:34 p.m.
Last updated Oct. 23, 2024, 12:33 a.m.
Headline Phishing Campaign Steals Credentials Via Watering Hole
Title Phishing Campaign Steals Credentials Via Watering Hole
Detected Hints/Tags/Attributes 43/2/9
Source URLs
Redirection Url
Details Source https://www.trendmicro.com/en_in/research/19/c/desktop-mobile-phishing-campaign-targets-south-korean-websites-steals-credentials-via-watering-hole.html
URL Provider
Details Provider Source level domain
Details trendmicro.com www.trendmicro.com
Attributes
Details Type #Events CTI Value
Details Domain 1 
oauth2.space
Details Domain 1 
oauth20.xyz
Details File 19 
trojan.html
Details sha256 1 
03ab41336ff260ec2410ac2704467676284df8644befce5a0b40773cc570286a
Details sha256 1 
29447d09a76f2a7982562a4386529d0af26cd756671fd7173d518a34717c2aae
Details sha256 1 
7034c01be6c94ce2d42bbc3c197d0f9678ccb0fcc6ba6d0484d6bcf859a6d774
Details sha256 1 
b2bc1df018abd4ebc2e2f68fbae09a55bc38173697171507f8cfef9e7ec39978
Details Url 1 
https://oauth2.space
Details Url 1 
https://oauth20.xyz