Monkeypox was recently declared a public health emergency1 so it’s bound to gain even more attention in the coming weeks or months. Even before then, it has already been used as a phishing campaign lure,2 are we set to see more of this?
We took an in-depth look at WHOIS and Domain Name System (DNS) records to know more about the threat and see unfolding trends. We found:
- Two IP addresses a domain identified as an indicator of compromise (IoC) resolved to
- 600+ domains that shared the IoCs’ IP addresses, one of which was found to be malicious
- 700+ domains containing the text string “monkeypox” registered between 1 January and 31 July 2022, a couple of which were dubbed “malware hosts”
- 70+ subdomains containing the text string “monkeypox” registered from 1 January to 31 July 2022
Download a sample of the threat research materials now or contact us to access the complete set of research materials.
—
- [1] https://www.npr.org/2022/07/23/1113183728/monkeypox-global-health-emergency-who