Iran's Afkar System Yazd Co Ransomware

Friday, December 01, 2023

Iran's Afkar System Yazd Co Ransomware

The following is all the associated ransomware themed domains known to have been associated with Iran's Afkar System Yazd Co ransomware.

Sample domains known to have been involved in the campaign include:

hxxp://newdesk.top

hxxp://onedriver-srv.ml

hxxp://symantecserver.co

hxxp://microsoft-updateserver.cf

hxxp://msupdate.us

hxxp://service-management.tk

hxxp://aptmirror.eu

hxxp://winstore.us

hxxp://my-logford.ml

hxxp://gupdate.us

hxxp://tcp443.org

Sample email address accounts known to have been involved in the campaign include:

amirbitminer[.]gmail.com

thund3rz[.]protonmail.com

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Friday, December 01, 2023

Iran's Afkar System Yazd Co Ransomware

No comments:

Post a Comment