Tracking Down Sea Turtle IoCs in the DNS Ocean | WhoisXML API


The Sea Turtle cyber espionage group recently made waves after launching an attack on a new target country [1]. They were also observed using more evasive techniques.

Still, it turns out that Sea Turtle artifacts aren’t endangered. WhoisXML API researchers found hundreds after analyzing and expanding 37 IoCs [2]. Leveraging DNS intelligence, we uncovered:

  • 81 email-connected domains
  • 13 IP-connected domains
  • 204 string-connected domains

Download a sample of the threat research materials now or contact us to access the complete set of research materials.

  • [1] https://www.bleepingcomputer.com/news/security/turkish-hackers-sea-turtle-expand-attacks-to-dutch-isps-telcos/  
  • [2] https://github.com/StrikeReady-Inc/research/tree/main/2023-12-27%20Sea%20Turtle 