Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

SolarMarker Impersonates Job Employment Website

June 18, 2024, 10:09 p.m.

Description

On April 2024, Cyber Analysts responded to a SolarMarker infection event. The infection occurred through a drive-by download when a user, while searching for workplace team-building ideas on Bing, was directed to a malicious site impersonating the global employment website, Indeed.

Date

Published: June 18, 2024, 9:45 p.m.

Created: June 18, 2024, 9:45 p.m.

Modified: June 18, 2024, 10:09 p.m.

Indicators

139.60.161.78

2.58.15.118

146.70.80.83

https://finestyle.com/

https://stopvulcancomalcounty.info

https://jacob-jonesinvestigation.com

Attack Patterns

StellarInjector

SolarPhantom

T1110

T1199

T1105

T1055

T1553

T1560

Additional Informations

Food

Construction

Retail

Healthcare

Legal

Education

Finance

Government

Manufacturing