Resecurity | EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web
Tags
Common Information
Type | Value |
---|---|
UUID | c90593c3-8424-4a44-bb63-0cef1223e30a |
Fingerprint | 91d12d19a9919120 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | Sept. 5, 2022, midnight |
Added to db | Aug. 12, 2023, 9:04 a.m. |
Last updated | Dec. 24, 2024, 12:04 a.m. |
Headline | EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web |
Title | Resecurity | EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web |
Detected Hints/Tags/Attributes | 53/2/21 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 364 | ✔ | Resecurity | https://www.resecurity.com/feed | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 77 | gitlab.com |
|
Details | Domain | 86 | install.sh |
|
Details | Domain | 1 | wwwofc.msdnmail.net |
|
Details | Domain | 3 | brave.com |
|
Details | Domain | 1 | msdnmail.net |
|
Details | Domain | 1 | evilproxy.pro |
|
Details | Domain | 1 | top-cyber.club |
|
Details | Domain | 1 | rproxy.io |
|
Details | Domain | 1 | login-live.rproxy.io |
|
Details | Domain | 1 | gw1.usd0182738s80.click |
|
Details | Domain | 1 | gw2.usd0182738s80.click |
|
Details | Domain | 1 | cpanel.evilproxy.pro |
|
Details | Domain | 1 | cpanel.pua75npooc4ekrkkppdglaleftn5mi2hxsunz5uuup6uxqmen4deepyd.onion |
|
Details | Gitlab username | 1 | ksh8h297ayd0 |
|
Details | IPv4 | 1 | 6.16.0.0 |
|
Details | IPv4 | 1 | 147.78.47.250 |
|
Details | IPv4 | 1 | 185.158.251.169 |
|
Details | IPv4 | 1 | 194.76.226.166 |
|
Details | Url | 1 | https://gitlab.com/ksh8h297ayd0/docker-control-agent.git |
|
Details | Url | 1 | https://lmo.msdnmail.net/common/oauth2/v2.0/authorize?client_id=4765445b |
|
Details | Url | 1 | https://473126b6-bf9a-4a96-8111-fb04f6631ad8-571c4b21.msdnmail.net/mail/?realm=[victim_domain]&exsvurl=1&ll |