Cybercriminal Spotlight: Infraud Organization and Its Infrastructure | WhoisXML API

An OSINT Analysis of Infraud Organization and Its Cybercriminal Infrastructure

WhoisXML API researcher Dancho Danchev recently delved deep into the Infraud Organization’s cybercriminal infrastructure. Infraud Organization is well-known for maintaining a cybercriminal forum that provides threat actors with tons of stolen credit card information.[1] Danchev used WHOIS, IP, and DNS tools to identify more artifacts connected to the threat.

The analysis allowed us to build detailed threat research materials that revealed:

  • 89 domains believed to be part of Infraud Organization’s cybercriminal infrastructure found via WHOIS, WHOIS history, and DNS searches
  • 222 IP addresses known to serve as hosts to the organization’s pages
  • 227 servers playing host to Infraud Organization pages
  • Three Infraud Organization registrant email addresses
  • Two malware MD5 hashes

Download the threat research materials now to access the complete list of identified artifacts used to conduct additional enrichment and threat analysis as well as trend identification.
