Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add telegram lures to add-wildcard-domain #427

Merged
merged 1 commit into from
Jun 25, 2024
Merged

add telegram lures to add-wildcard-domain #427

merged 1 commit into from
Jun 25, 2024

Conversation

g0d33p3rsec
Copy link
Contributor

Phishing Domain/URL/IP(s):

https://confession-best.ru/
https://estimation-best.ru/
https://online-personality.ru/ 
https://reputation-best.ru/

Impersonated domain

https://telegram.org/

Describe the issue

While investigating the content on a suspicious image host, i.postimg.cc, I came across this set of similarly structured lure pages which all request the use of a Telegram login.

Related external source

https://www.virustotal.com/gui/url/495cf2686ed5a71d69c5deff7632d56bbc3a28d903fb7faf52be349674137043
https://urlscan.io/result/2c2f4fd0-1f17-46b5-8360-3b99c50506c7/
https://urlscan.io/result/69ce106f-0bae-4d08-8082-536dca9d9078/
https://urlscan.io/result/d5fcd862-d596-4e5f-9961-3c3e589949e6/
https://urlscan.io/result/415f3197-0826-4cb3-9c07-5f6e2c1d6819/

Screenshot

Click to expand

image
image
image
image
image
image

@spirillen spirillen merged commit 2c62710 into Phishing-Database:main Jun 25, 2024
1 check failed
@g0d33p3rsec g0d33p3rsec deleted the add-telegram-lures-found-using-common-image-host branch June 25, 2024 15:48
This was referenced Jun 25, 2024
Closed
Closed
Closed
Closed
spirillen added a commit to mypdns/matrix that referenced this pull request Jun 26, 2024
@spirillen
confession-best.ru
d90fb27 
Fix #612
Rel: Phishing-Database/phishing#427

----

Thanks to jetBrains for sponsoring IntelliJ (Ultimate Edition)
For non-commercial open source.
This helps My Privacy DNS to develop tools and maintain the blacklists.

Signed-off-by: Spirillen <[email protected]>
spirillen added a commit to mypdns/matrix that referenced this pull request Jun 26, 2024
@spirillen
online-personality.ru
a0d8bd2 
Fix #613
Rel: Phishing-Database/phishing#427

----

Thanks to jetBrains for sponsoring IntelliJ (Ultimate Edition)
For non-commercial open source.
This helps My Privacy DNS to develop tools and maintain the blacklists.

Signed-off-by: Spirillen <[email protected]>
spirillen added a commit to mypdns/matrix that referenced this pull request Jun 26, 2024
@spirillen
reputation-best.ru
21f0642 
Fix #614
Rel: Phishing-Database/phishing#427

----

Thanks to jetBrains for sponsoring IntelliJ (Ultimate Edition)
For non-commercial open source.
This helps My Privacy DNS to develop tools and maintain the blacklists.

Signed-off-by: Spirillen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@g0d33p3rsec @spirillen