DNS Insights on a Free Form Builder Phishing Campaign
WhoisXML API found 490+ artifacts that could be connected to the recent attack abusing a free form service. Download the threat research materials now.
Continue reading Download reportFrom Fake News Proliferation to Data Theft: Tracing the Red Cross Hack to a Misinformation Network
The cyber attack against the International Committee of the Red Cross (ICRC) exposed the data belonging to more than 500,000 people worldwide.1 While no indicators of compromise (IoCs) have been publicized so far, an interesting link to a fake news network was revealed by security researcher Brian Krebs.2
Building on this connection, WhoisXML API researchers gathered other email addresses named in a related Federal Bureau of Investigation (FBI) website seizure affidavit.3 Our analysis dove into:
- 650+ domains containing the email addresses in their historical WHOIS records
- 270+ IP resolutions pointing to 190+ unique IP addresses
- 820+ connected domains sharing the IP addresses
Download the threat research materials containing the cyber resources and other data points building on the link between the Red Cross hack and the misinformation network.
---
- [1] https://www.icrc.org/en/document/cyber-attack-icrc-what-we-know
- [2] https://securityboulevard.com/2022/02/red-cross-hack-linked-to-iranian-influence-operation/
- [3] https://www.justice.gov/usao-ndca/press-release/file/1334571/download