Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: Massive "Facebook Appeal" Themed Phishing Campaign Uses Google's Firebase Spotted in the Wild

I just came across to a currently active phishing campaign that's using Google's Firebase as a hosting infrastructure for the purpose of enticing users into falling victim into a rogue and fake "Facebook Appeal" themed phishing campaign.

You can check out my initial analysis at my official Dark Web Onion here as my initial post got censored by Google as it violates its Terms of Service.

Sample malicious and rogue phishing domains known to have been involved in the campaign:

hxxp://publicaccount-facebook-46956.web.app

hxxp://publicappeal-348239237392.web.app

hxxp://publicappeal-9344858302239.web.app

hxxp://publicappeal-facebook.web.app

hxxp://publicappeal-form-fb-copyright102872.web.app

hxxp://publicappeal-form-fb-copyright104352.web.app

hxxp://publicappeal-form-fb-copyright119275.web.app

hxxp://publicappeal-form-fb-copyright126776.web.app

hxxp://publicappeal-form-fb-copyright171651.web.app

hxxp://publicappeal-form-fb-copyright18251.web.app

hxxp://publicappeal-form-fb-copyright18258.web.app

hxxp://publicappeal-form-fb-copyright18274.web.app

hxxp://publicappeal-form-fb-copyright18275.web.app

hxxp://publicappeal-form-fb-copyright182755.web.app

hxxp://publicappeal-form-fb-copyright18721.web.app

hxxp://publicappeal-form-fb-copyright187265.web.app

hxxp://publicappeal-form-fb-copyright187285.web.app

hxxp://publicappeal-form-fb-copyright18762.web.app

hxxp://publicappeal-form-fb-copyright981725.web.app

hxxp://publicappeal-form-page-unpublish1897.web.app

hxxp://publicappeal-from-fb-copyright12352.web.app

hxxp://publicappeal-from-fb-copyright12857.web.app

hxxp://publicappeal-page-unpublish-1827589.web.app

hxxp://publicappeal-page-unpublish1107276.web.app

hxxp://publicappeal-page-unpublish118172861.web.app

hxxp://publicappeal-page-unpublish18275.web.app

hxxp://publicappeal-page-unpublish182758.web.app

hxxp://publicappeal-page-unpublish1827586.web.app

hxxp://publicappeal-page-unpublish1827588.web.app

hxxp://publicappeal-page-unpublish182759.web.app

hxxp://publicappeal-page-unpublish18278652.web.app

hxxp://publicappeal-page-unpublish1827890.web.app

hxxp://publicappeal-page-unpublish187-36ac4.web.app

hxxp://publicappeal-page-unpublish187265.web.app

hxxp://publicappeal-page-unpublish18769.web.app

hxxp://publicappeal-page-unpublish1906392.web.app

hxxp://publicbusiness-appeal-form-129862.web.app

hxxp://publicbusiness-appeal-form125921.web.app

hxxp://publicfacebookappeal110631.web.app

hxxp://publicfb-appeal-form-29997.web.app

hxxp://publicfb-appeal-form-70f46.web.app

hxxp://publicfb-appeal-form-791bd.web.app

hxxp://publicfb-appeal-form-8276f.web.app

hxxp://publichouse-h3.web.app

hxxp://publicpage-appeal-unpublish1253631.web.app

hxxp://publicproject-8595314475285305009.web.app

hxxp://publicrestriction-appeal-business128.web.app

hxxp://publicreview2024545897534.web.app

Stay tuned!

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Friday, October 29, 2021

Massive "Facebook Appeal" Themed Phishing Campaign Uses Google's Firebase Spotted in the Wild - An OSINT Analysis

No comments:

Post a Comment