Thousands of Domains Connected to Romance-Themed IoCs | WhoisXML API

Threat Reports

Malicious Valentine: Uncovering Thousands of Domains Connected to Romance-Themed Campaigns

Romance-themed campaigns have several faces—some pose as online dating sites1 while others as fake applications.2 These campaigns occur year-round, but Valentine’s Day could make more people vulnerable. In line with this, WhoisXML API researchers gathered and analyzed the IoCs of romance or Valentine-themed campaigns. Among our key findings are:

  • Complete list of 70+ IoCs with their sources
  • 10,000+ domains connected to the IoCs via their registrant email addresses
  • WHOIS records of a sample of the artifacts consisting of 1,600+ domains
  • Malware check output of a sample of the artifacts consisting of 5,737 domains
  • 500+ DGA-looking domains bulk registered within the last week of January 2022 belonging to three typosquatting groups

Download the threat research materials containing the data related to romance-themed campaigns that could victimize people this Valentine’s season now.

---

  • [1] https://www.trendmicro.com/vinfo/nl/security/news/cybercrime-and-digital-threats/online-dating-websites-lure-japanese-customers-to-scams
  • [2] https://news.sophos.com/en-us/2021/10/13/cryptorom-fake-ios-cryptocurrency-apps/
Try our WhoisXML API for free
Get started