Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

himosteg.xyz #1161

Closed
g0d33p3rsec opened this issue Oct 8, 2024 · 3 comments
Closed

himosteg.xyz #1161

g0d33p3rsec opened this issue Oct 8, 2024 · 3 comments
Labels
Malicious Domains used for Malicious software Phishing Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passw Scamming Scam Ware or Scamming

Comments

@g0d33p3rsec
Copy link
Collaborator

g0d33p3rsec commented Oct 8, 2024
edited
Loading

Comments

Related to MoneyBadger$ traffic distribution system. See also: Phishing-Database/phishing#492

Wildcard domain records

himosteg.xyz|malicious,phishing,scamming

Sub-Domain records

No response

Hosts (RFC:953) specific records, not used by DNS RPZ firewalls

No response

SeafeSearch records

No response

Screenshots

Screenshot

374747690-5318e95a-30b1-4836-a08f-bd2db808912f

Links to external sources

https://himosteg.xyz/auth.php 
https://urlscan.io/result/1bb682cd-e9d8-43fa-8222-ba8effe534fa/
https://twitter.com/1ZRR4H/status/1685764738121175040

logs from uBlock Origin

N/A
@g0d33p3rsec
Copy link
Collaborator Author

@spirillen I'm not sure how to best categorize this and the other entries from Phishing-Database/phishing#492. This page is a log in and likely C2 for the traffic distribution system being used to push fake virus notifications.

@g0d33p3rsec g0d33p3rsec added the Scamming Scam Ware or Scamming label Oct 8, 2024
@spirillen
Copy link
Contributor

Commented in https://kb.mypdns.org/issue/MTX-1162/himosteg.xyz#focus=Comments-4-229.0-0

If you update your profile there, you can get access to hidden issues as well for all mypdns project.

@spirillen spirillen reopened this Oct 9, 2024
@g0d33p3rsec
Copy link
Collaborator Author

Commented in https://kb.mypdns.org/issue/MTX-1162/himosteg.xyz#focus=Comments-4-229.0-0

If you update your profile there, you can get access to hidden issues as well for all mypdns project.

Cool, thanks. I've signed up with the same display name as this account. It looks like the username appended .wwgj to that.

@g0d33p3rsec g0d33p3rsec added Malicious Domains used for Malicious software Phishing Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passw labels Oct 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Malicious Domains used for Malicious software Phishing Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passw Scamming Scam Ware or Scamming
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@spirillen @g0d33p3rsec