Resecurity | LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities
Tags
| country: | Laos |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Domains - T1583.001 Domains - T1584.001 Email Addresses - T1589.002 Javascript - T1059.007 Phishing - T1660 Phishing - T1566 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | eb165ea3-95e4-4690-84e6-496fda5bfa2a |
| Fingerprint | a84184d2391397e5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 7, 2022, midnight |
| Added to db | June 5, 2023, 1:35 p.m. |
| Last updated | Nov. 17, 2024, 5:56 p.m. |
| Headline | LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities |
| Title | Resecurity | LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities |
| Detected Hints/Tags/Attributes | 44/3/28 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 364 | ✔ | Resecurity | https://www.resecurity.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | bz.pn83f.parquedelprado.com.do |
|
| Details | Domain | 154 | urlscan.io |
|
| Details | Domain | 8 | gmx.net |
|
| Details | Domain | 22 | victim.com |
|
| Details | Domain | 175 | www.zdnet.com |
|
| Details | Domain | 23 | community.riskiq.com |
|
| Details | Domain | 6 | fleek.co |
|
| Details | Domain | 1 | storageapi.fleek.co |
|
| Details | Domain | 1 | institutoaxioma.com.ar |
|
| Details | Domain | 1 | email25.godaddy.com-sign-realm.getforge.io |
|
| Details | Domain | 6 | web.app |
|
| Details | Domain | 1 | csb.app |
|
| Details | Domain | 2 | us.archive.org |
|
| Details | Domain | 1 | gl1hz.csb.app |
|
| Details | Domain | 1 | ia801507.us.archive.org |
|
| Details | Domain | 1 | cerstts.ga |
|
| Details | 1 | storageapi.fleek.co/0ad91b1c-9994-4a1d-bf88-18cf07dbaf52-bucket/continue.html?#contact@victim.com |
||
| Details | 1 | 20221307201826fa327a984e$921db1434a@gmx.net |
||
| Details | 1 | tafuskazutcom4q@gmx.net |
||
| Details | 1 | contact@victim.com |
||
| Details | File | 2 | continue.html |
|
| Details | Url | 1 | http://bz.pn83f.parquedelprado.com.do |
|
| Details | Url | 1 | https://storageapi.fleek.co/0ad91b1c-9994-4a1d-bf88-18cf07dbaf52-bucket/continue.html?#contact@victim.com |
|
| Details | Url | 1 | https://urlscan.io/result/94a6995d-fa52-4007-acca-06a7effd168c/related |
|
| Details | Url | 1 | https://urlscan.io/result/acee5510-cde3-4003-a2cc-940764f43bbb |
|
| Details | Url | 1 | https://urlscan.io/result/3134f384-6bee-47cf-baa6-4786fed728d3 |
|
| Details | Url | 1 | https://www.zdnet.com/article/new-cybercrime-tool-can-build-phishing-pages-in-real-time |
|
| Details | Url | 1 | https://community.riskiq.com/article/a068810a |