New Year, Old Threats: What Does the DNS Reveal about 2025?
We found 16,000+ artifacts that could be tied to suspicious 2025-themed domains. Download the threat research materials now.
Continue reading Download reportA DNS Deep Dive into New Crypto Threat “Hidden Risk”
The number of people who own cryptocurrencies the world over has reached more than 560 million people this year.1 To cyber attackers, that could mean more than half a million potential victims, as crypto owners are often lured by fake news promising investment opportunities or market insights. The actors behind Hidden Risk appear to have targeted them with a malicious campaign that uses fake crypto news to distribute the RustBucket malware.
The WhoisXML API research team compiled 81 indicators of compromise (IoCs) from a published report and expanded it aided by DNS intelligence.2
Our in-depth analysis led to the discovery of:
- 40 email-connected domains
- 14 additional IP addresses, 13 of which turned out to be malicious
- Six IP-connected domains
- 1,685 string-connected domains, three of which turned out to be malicious
- Five string-connected subdomains
Download a sample of the threat research materials now or contact sales to discuss your intelligence needs for threat detection and response or other cybersecurity use cases.
—
- [1] https://www.triple-a.io/cryptocurrency-ownership-data
- [2] https://www.sentinelone.com/labs/bluenoroff-hidden-risk-threat-actor-targets-macs-with-fake-crypto-news-and-novel-persistence/