Uncloaking the Underbelly of JinxLoader
Loaders that are readily available in underground markets make it easy for cybercriminals, even newbies, to launch successful attacks. One such tool that has been gaining infamy—JinxLoader—has become available in hacker forums.1
Nineteen JinxLoader indicators of compromise (IoCs) have been made public in November 2023, which we at WhoisXML API queried on various DNS tools to identify all potential infection vectors.
Our IoC expansion analysis for JinxLoader led to the discovery of:
- 314 email-connected domains
- 158 IP-connected domains, one of which turned out to be malicious
- 1,116 string-connected domains, one of which turned out to be malicious
Download a sample of the threat research materials now or contact us to access the complete set of research materials.
-  https://twitter.com/Unit42_Intel/status/1730237085246775562