'Reptile Recon': Discovering CryptoChameleon fast flux IOFAs. Hundreds of domains, IPs, and ASNs discovered

May 30, 2024, 10:01 a.m.

Description

This report details the analysis of the CryptoChameleon phishing kit, which is used to harvest sensitive information from employees and customers across various platforms. Silent Push Threat Analysts conducted research that revealed a large number of fast flux Indicators of Future Attack (IOFAs) targeting cryptocurrency exchanges, tech companies, and other platforms, using techniques like DNSPod nameservers and fast flux evasion. The report provides background on CryptoChameleon, its tactics and techniques, and the associated infrastructure discovered by Silent Push.

Date

Published: May 30, 2024, 9:31 a.m.
Created: May 30, 2024, 9:31 a.m.
Modified: May 30, 2024, 10:01 a.m.

Attack Patterns

T1568.001

T1038

T1588

T1556

T1534

T1608

T1583

T1614

T1598

T1218

T1057

T1071