MOONSHINE and DarkNimbus in the DNS Spotlight
WhoisXML API found 460+ artifacts tied to the Earth Minotaur attack leveraging MOONSHINE and DarkNimbus. Download the threat research materials now.
Continue reading Download reportA DNS Investigation of the 32 Doppelganger Websites the U.S. Government Seized
Pretty much everything people need to accomplish these days, especially obtaining information, is doable online. So, is it really surprising how much fake news we can find on the Web?
The threat actors behind the Doppelganger campaign showed how much damage disinformation can sow, and what believing in it can result in. Fake news, for instance, can have real-life consequences like losing an election or long-term reputational damage.
That said, the U.S. government recently seized 32 domains believed to be part of the Doppelganger campaign.1 Is that the end of the operation, though?
The WhoisXML API research team sought to find out by jumping off the complete list of seized domains.2 Our in-depth analysis uncovered:
- 384 registrant-connected domains
- 123 email-connected domains
- 64 IP addresses, 54 of which turned out to be malicious
- 2,463 string-connected domains, six of which turned out to be associated with various threats
Download a sample of the threat research materials now or contact sales to discuss your intelligence needs for threat detection and response or other cybersecurity use cases.
—
- [1] https://www.justice.gov/opa/pr/justice-department-disrupts-covert-russian-government-sponsored-foreign-malign-influence
- [2] https://thehackernews.com/2024/09/us-seizes-32-pro-russian-propaganda.html