Unloading MintsLoader IoCs Using DNS Intelligence | WhoisXML API


A sophisticated malware campaign leveraging MintsLoader is targeting critical infrastructure and legal firms across the U.S. and Europe. MintsLoader’s advanced techniques, including the use of a domain generation algorithm (DGA) to create new command-and-control (C&C) servers, make detection difficult.[1]

Building on the 61 indicators of compromise (IoCs) related to the ongoing MintsLoader attack identified by threat researchers at eSentire[2], the WhoisXML API research team used our comprehensive DNS intelligence to uncover additional artifacts comprising:

  • Two additional IP addresses, one of which was malicious
  • 46 IP-connected domains, 27 of which were malicious
  • 142 string-connected domains, 25 of which were malicious
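The two pivots listed above (IP-connected and string-connected domains) can be reproduced over passive-DNS data. The following is an added example, not WhoisXML API's or eSentire's code: the seed indicators, the passive-DNS records (RFC 5737 addresses, `.example` names) and the "distinctive token" rule for string connections are all constructed assumptions, and the output is a candidate list that still needs vetting, since the report itself found only a fraction of each expanded set to be malicious.

```python
"""Expand a seed IoC list into IP-connected and string-connected domains.

Added example with constructed data; nothing here is a real indicator.
"""
import re

# Constructed seed IoCs standing in for a published indicator list.
SEED_DOMAINS = {"acmeloader-update.example", "hexstealer-panel.example"}
SEED_IPS = {"198.51.100.10"}

# Constructed passive-DNS style records: (domain, resolved IPv4).
PDNS_RECORDS = [
    ("acmeloader-update.example", "198.51.100.10"),
    ("acmeloader-update.example", "198.51.100.11"),   # second A record for a seed
    ("hexstealer-panel.example", "198.51.100.20"),
    ("cdn-assets.example", "198.51.100.11"),          # shares an IP with a seed domain
    ("backup-host.example", "198.51.100.20"),         # shares an IP with a seed domain
    ("legit-news.example", "203.0.113.5"),            # no overlap at all
    ("acmeloader-cdn.example", "203.0.113.9"),        # shares the string "acmeloader"
    ("hexstealer-logs.example", "203.0.113.12"),      # shares the string "hexstealer"
    ("panel-login.example", "203.0.113.13"),          # "panel" alone is too generic
]


def expand_ips(seed_domains, seed_ips, records):
    """Step 1: every address a seed domain has resolved to joins the IP set."""
    ips = set(seed_ips)
    for domain, ip in records:
        if domain in seed_domains:
            ips.add(ip)
    return ips


def ip_connected_domains(seed_domains, ips, records):
    """Step 2: non-seed domains that resolved to any address in the IP set."""
    return sorted({d for d, ip in records if ip in ips and d not in seed_domains})


def seed_tokens(seed_domains, min_len=7):
    """Distinctive strings taken from seed second-level labels.

    Assumption: tokens shorter than min_len ("update", "panel", "login") are
    too generic to count as a connection and are dropped.
    """
    tokens = set()
    for domain in seed_domains:
        sld = domain.split(".")[0].lower()
        for token in re.split(r"[^a-z0-9]+", sld):
            if len(token) >= min_len:
                tokens.add(token)
    return tokens


def string_connected_domains(seed_domains, candidates, min_len=7):
    """Step 3: non-seed domains containing at least one distinctive seed token."""
    tokens = seed_tokens(seed_domains, min_len)
    hits = {}
    for domain in candidates:
        if domain in seed_domains:
            continue
        matched = sorted(t for t in tokens if t in domain.lower())
        if matched:
            hits[domain] = matched
    return hits


def expand_iocs(seed_domains, seed_ips, records):
    """Run all three steps and return the candidate artifacts for review."""
    ips = expand_ips(seed_domains, seed_ips, records)
    all_domains = {d for d, _ in records}
    return {
        "additional_ips": sorted(ips - set(seed_ips)),
        "ip_connected": ip_connected_domains(seed_domains, ips, records),
        "string_connected": string_connected_domains(seed_domains, all_domains),
    }


if __name__ == "__main__":
    for key, value in expand_iocs(SEED_DOMAINS, SEED_IPS, PDNS_RECORDS).items():
        print(key, value)
```

The token rule is deliberately strict: with a looser minimum length, `panel-login.example` would be pulled in through the generic label "panel", which is how string pivots generate the large, mostly benign candidate sets that the report's 142-to-25 ratio illustrates. Each candidate should be checked against malware feeds or WHOIS and resolution history before it is treated as an indicator.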

Download a sample of the threat research materials now or contact sales to discuss your intelligence needs for threat detection and response or other cybersecurity use cases.

  • [1] https://thehackernews.com/2025/01/mintsloader-delivers-stealc-malware-and.html
  • [2] https://github.com/eSentire/iocs/blob/main/MintsLoader/MintsLoader_Stealc_01_14_2025.txt