
Unwrapping the AIZ—Aggressive Inventory Zombies—Retail & Crypto Phishing Network Campaign

Dec. 13, 2024, 1:31 p.m.

Description

A large-scale phishing campaign targeting retail brands and cryptocurrency users has been uncovered. The campaign, dubbed 'Aggressive Inventory Zombies' (AIZ), initially impersonated Etsy but expanded to target major retailers like Amazon, BestBuy, and eBay. The threat actor uses a popular website template to create phishing sites and integrates chat services into them for malicious activities. The campaign also targets crypto audiences with a substantial network of phishing sites. The research revealed financial ties to India, and collaboration with Stark Industries led to the discovery of additional infrastructure. The campaign employs various tactics, including bulk pricing schemes and live chat widgets for phishing. Multiple cryptocurrency-related phishing efforts were also identified, targeting various crypto brands and exchanges.

Date

Published: Dec. 13, 2024, 1:21 p.m.

Created: Dec. 13, 2024, 1:21 p.m.

Modified: Dec. 13, 2024, 1:31 p.m.

Indicators


Attack Patterns

Aggressive Inventory Zombies (AIZ)

T1585

T1589

T1586

T1187

T1608

T1583

T1592

T1566

Additional Information

Retail