SolarMarker Impersonates Job Employment Website
June 18, 2024, 10:09 p.m.
Tags
External References
Description
On April 2024, Cyber Analysts responded to a SolarMarker infection event. The infection occurred through a drive-by download when a user, while searching for workplace team-building ideas on Bing, was directed to a malicious site impersonating the global employment website, Indeed.
Date
Published: June 18, 2024, 9:45 p.m.
Created: June 18, 2024, 9:45 p.m.
Modified: June 18, 2024, 10:09 p.m.
Indicators
139.60.161.78
2.58.15.118
146.70.80.83
https://finestyle.com/
https://stopvulcancomalcounty.info
https://jacob-jonesinvestigation.com
Attack Patterns
StellarInjector
SolarPhantom
T1110
T1199
T1105
T1055
T1553
T1560
Additional Informations
Food
Construction
Retail
Healthcare
Legal
Education
Finance
Government
Manufacturing