Tuesday, May 02, 2023

Who's Behind the Butterfly Bot/DCI Bot/DownTroj/Aspergillus Botnet Malicious Software?

Awesome.

Emails known to have been involved in the campaign include:

iserdo@gmail.com

toadmin@1337crew.info

wg.fatal@gmail.com

emailedgov.hacN@gmail.com

admin@1337crew.info

jernej_5@hotmail.com

usediserdo@gmail.com

toiserdo@gmail.com

schlist90210@gmail.com

Waisted.time@hotmail.com

addressnetNairo@hotmail.com

betweennetNairo@hotmail.com

hamlet1917@hotmail.com

addresshamlet1917@hotmail.com

withhamlet1917@hotmail.com

floxter@hotmail.com

ice@iceman.in

addressleniqi.mentor@siol.net

leniqi.mentor@siol.net

accountiserdo@gmail.com

addressicemangjN@hotmail.com

Sample screenshot:


Related domains:
hxxp://voc[.]cash
hxxp://deepbluesecurity[.]nl
hxxp://erc20collector[.]com
hxxp://b2bradio[.]net
hxxp://threatforce[.]net
hxxp://intelhub[.]link

Related screenshots:


Related screenshots:


Related domains:
hxxp://voc[.]cash
hxxp://deepbluesecurity[.]nl
hxxp://erc20collector[.]com
hxxp://b2bradio[.]net
hxxp://intelhub[.]link
hxxp://albahost[.]net
hxxp://albaname[.]com
hxxp://mpuq[.]net
hxxp://albaname[.]net
hxxp://threatforce[.]net
hxxp://tamiflux[.]net
hxxp://tamiflux[.]org

Sample screenshot of Voc Cash:

No comments:

Post a Comment