Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: typosquatting

3 attack reports | 0 vulnerabilities

Attack reports

Supply Chain Attack Using Ethereum Smart Contracts to Distribute Multi-Platform Malware

A sophisticated supply chain attack has been discovered targeting the NPM ecosystem. The malicious package 'jest-fet-mock' impersonates popular testing utilities and uses Ethereum smart contracts for command-and-control operations. This cross-platform malware affects Windows, Linux, and macOS, exec…

supply-chain
typosquatting
c2
npm
multi-platform
2024-11-05
blockchain
development-tools
smart-contract
ethereum
jest-fet-mock
Published: November 5, 2024

Downloadable IOCs 4

Phishing Via Typosquatting and Brand Impersonation: Trends and Tactics

From February to July 2024, an analysis of over 500 popular domains revealed more than 10,000 malicious lookalike domains employing typosquatting and brand impersonation techniques. Google, Microsoft, and Amazon were the most targeted brands, accounting for nearly 75% of phishing domains. Almost ha…

phishing
typosquatting
credential theft
scams
domain abuse
2024-09-12
brand impersonation
certificate abuse
Published: September 12, 2024

Downloadable IOCs 10

Fake Advanced IP Scanner Installer Delivers Dangerous Backdoor

Security researchers discovered a malicious version of the Advanced IP Scanner installer, which contained a backdoored DLL module. The compromised installer was distributed through a typo-squatted domain and appeared in search results for the legitimate software. When executed, the installer inject…

backdoor
supply-chain
typosquatting
2024-06-06
cobaltstrike
malicious-installer
Published: June 6, 2024

Downloadable IOCs 11

» Click here to see all Attack Reports «