Moneybadger$ host IPs and additional domains #537

Open
wants to merge 4 commits into
base: master

g0d33p3rsec
Contributor

Phishing Domain/URL/IP(s):


Impersonated domain

https://www.avast.com
https://www.avira.com/
https://www.mcafee.com/
https://norton.com/

Describe the issue

Following up on #492 and #493, viewing related IPs showed additional related antivirus scam lures.

Related external source


