WhoisXML API researcher Dancho Danchev recently delved deep into the Infraud Organization’s cybercriminal infrastructure. Infraud Organization is well-known for maintaining a cybercriminal forum that provides threat actors tons of stolen credit card information.1 Danchev used WHOIS, IP, and DNS tools to identify more artifacts connected to the threat.
The analysis allowed us to build detailed threat research materials that revealed:
- 89 domains believed to be part of Infraud Organization’s cybercriminal infrastructure found via WHOIS, WHOIS history, and DNS searches
- 222 IP addresses known to serve as hosts to the organization’s pages
- 227 servers playing host to Infraud Organization pages
- Three Infraud Organization registrant email addresses
- Two malware MD5 hashes
Download the threat research materials now to access the complete list of identified artifacts used to conduct additional enrichment and threat analysis as well as trend identification.