Domains Portfolio Operated by Cytrox Spyware

Monday, July 29, 2024

Domains Portfolio Operated by Cytrox Spyware

The following is a list of C&C domains belonging to the Cytrox commercial spyware.

Sample domains involved in the campaign include:

hxxp://5m5.io

hxxp://actumali.org

hxxp://addons.ne

hxxp://adibjan.net

hxxp://adservices.gr.com

hxxp://advertsservices.com

hxxp://almasryelyuom.com

hxxp://alpineai.uk

hxxp://alraeeenews.com

hxxp://alraeesnews.net

hxxp://altsantiri.ne

hxxp://amazing.la

hxxp://api-apple-buy.com

hxxp://api-telecommunication.com

hxxp://applepps.com

hxxp://apps-ios.net

hxxp://aramexegypt.com

hxxp://atheere.com

hxxp://audit-pvv.com

hxxp://bank-alahly.com

hxxp://bbcsworld.com

hxxp://bi.tly.gr.com

hxxp://bi.tly.li

hxxp://bit-li.com

hxxp://bit-li.ws

hxxp://bit-ly.li

hxxp://bit-ly.org

hxxp://bitlly.li

hxxp://bitlyrs.com

hxxp://bitt.fi

hxxp://bity.ws

hxxp://bityl.me

hxxp://bmw.gr.com

hxxp://bookjob.cl

hxxp://browsercheck.se

hxxp://bumabara.bi

hxxp://burgerprince.us

hxxp://businesnews.net

hxxp://carrefourmisr.com

hxxp://cellconn.net

hxxp://chatwithme.st

hxxp://citroen.gr.com

hxxp://clockupdate.com

hxxp://cloudstatistics.net

hxxp://cloudtimesync.com

hxxp://cnn.gr.com

hxxp://com.apple.webkit.net

hxxp://connectivitycheck.li

hxxp://connectivitychecker.com

hxxp://contents-domain.com

hxxp://covid19masks.sh

hxxp://crashonline.si

hxxp://cut.re

hxxp://cyber.co

hxxp://danas.bi

hxxp://distedc.com

hxxp://ebill.co

hxxp://edolio5.com

hxxp://eg-gov.org

hxxp://egyqaz.com

hxxp://elpais.me

hxxp://engine.ni

hxxp://enikos.ne

hxxp://ereportaz.ne

hxxp://espressonews.gr.com

hxxp://etisalatgreen.com

hxxp://ewish.ca

hxxp://fastdownload.me

hxxp://ferrari.gr.com

hxxp://ffoxnewz.com

hxxp://fimes.gr.com

hxxp://fisherman.engine.ni

hxxp://flexipagez.com

hxxp://forwardeshoptt.com

hxxp://getsignalapps.com

hxxp://getsignalapps.li

hxxp://goldenscent.net

hxxp://goldenscint.com

hxxp://goldescent.com

hxxp://gosokm.com

hxxp://guardian-tt.me

hxxp://guardnew.li

hxxp://guardnews.li

hxxp://heaven.ar

hxxp://heiiasjournai.com

hxxp://hellasjournal.com

hxxp://hellottec.ar

hxxp://hempower.sh

hxxp://icloudeu.com

hxxp://icloudflair.com

hxxp://ikea-egypt.net

hxxp://in-politics.com

hxxp://infosms-a.si

hxxp://insider.gr.com

hxxp://instagam.cl

hxxp://instagam.in

hxxp://instagam.ph

hxxp://instegram.co

hxxp://ios-apps.st

hxxp://iosmnbg.com

hxxp://itcgr.li

hxxp://itly.li

hxxp://itter.me

hxxp://kathimerini.ne

hxxp://kinder.engine.ni

hxxp://koenigseggg.com

hxxp://kohaicorp.com

hxxp://koora-egypt.com

hxxp://kormoran.bi

hxxp://kranos.gr.com

hxxp://lamborghini-s.sh

hxxp://lexpress.me

hxxp://lifestyleshops.net

hxxp://link-protection.com

hxxp://linkit.cl

hxxp://liponals.st

hxxp://llinkedin.net

hxxp://lnkedin.org

hxxp://localegem.net

hxxp://md-news-direct.com

hxxp://mifcbook.li

hxxp://mitube1.li

hxxp://mlinks.ws

hxxp://mobnetlink1.com

hxxp://mobnetlink2.com

hxxp://mobnetlink3.com

hxxp://msas.ws

hxxp://mycoffeeshop.sh

hxxp://myfcbk.net

hxxp://myutbe.net

hxxp://nabd.si

hxxp://nassosblog.gr.com

hxxp://nemshi-news.li

hxxp://nemshi.net

hxxp://networkenterprise.net

hxxp://newsbeast.gr.com

hxxp://niceonase.com

hxxp://niceonesa.net

hxxp://nissan.gr.com

hxxp://novosti.bi

hxxp://olexegy.com

hxxp://olxeg.com

hxxp://omanreal.net

hxxp://onlineservices.gr.com

hxxp://orangegypt.co

hxxp://orchomenos.ne

hxxp://otaupdatesios.com

hxxp://paok-24.com

hxxp://pastepast.net

hxxp://playestore.net

hxxp://politika.bi

hxxp://politique-koaci.info

hxxp://prmopromo.com

hxxp://pronews.gr.com

hxxp://protothema.li

hxxp://qwxzyl.com

hxxp://redeitt.com

hxxp://redirecting.li

hxxp://redirecting.pa

hxxp://safelyredirecting.com

hxxp://sepenet.gr.com

hxxp://sephoragroup.com

hxxp://servers-mobile.info

hxxp://serviceupdaterequest.com

hxxp://sextape225.me

hxxp://shorten.fi

hxxp://shortenurls.me

hxxp://shortwidgets.com

hxxp://shortxyz.com

hxxp://simetricode.uk

hxxp://sinai-new.com

hxxp://smsuns.com

hxxp://sniper.pe

hxxp://speedy.sb

hxxp://speedymax.sh

hxxp://sportsnewz.si

hxxp://static-graph.com

hxxp://stonisi.ne

hxxp://supportset.net

hxxp://suzuki.gr.com

hxxp://svetovid.bi

hxxp://symoty.com

hxxp://synctimestamp.com

hxxp://syncupdate.si

hxxp://telecomegy-ads.com

hxxp://telenorconn.com

hxxp://tesla-s.sh

hxxp://teslal.sh

hxxp://teslali.com

hxxp://timestampsync.com

hxxp://timeupdateservice.com

hxxp://tiny.gr.com

hxxp://tinylinks.li

hxxp://tinyulrs.com

hxxp://tinyurl.cl

hxxp://tly.gr.com

hxxp://tly.li

hxxp://tovima.li

hxxp://tw.itter.me

hxxp://twtter.net

hxxp://ube.gr.com

hxxp://uberegypt.cn.com

hxxp://url-promo.cl

hxxp://uservicescheck.com

hxxp://uservicesforyou.com

hxxp://viva.gr.com

hxxp://vodafonegypt.com

hxxp://we-site.net

hxxp://weathear.li

hxxp://webaffise.com

hxxp://wha.tsapp.me

hxxp://wtc1111.com

hxxp://wtc2222.com

hxxp://wtc3333.com

hxxp://xf.ac

hxxp://xnxx-hub.com

hxxp://yallakora-egy.com

hxxp://yo.utube.to

hxxp://yout.ube.gr.com

hxxp://youtu-be.net

hxxp://youtube.gr.li

hxxp://youtubesyncapi.com

hxxp://youtubewatch.co

hxxp://yuom7.net

hxxp://z2adigital.cl

hxxp://z2digital.cl

hxxp://zougla.gr.com

hxxp://zougla.ne

hxxp://iclouddid.com

hxxp://iclouddii.com

hxxp://jinruifanglue.com

hxxp://icloudicloudapple.com

hxxp://apple-imessage-app.com

hxxp://icloundin.com

hxxp://icloudrw.com

hxxp://icloudlc.com

hxxp://icloudcu.com

hxxp://icloundip.com

hxxp://icloudll.com

hxxp://icloudlu.com

hxxp://icloundie.com

hxxp://iclouddl.com

hxxp://icloudiu.com

hxxp://iclouddu.com

hxxp://apple-usa-info.com

hxxp://apple-icloud-info.com

hxxp://apple-imessage-icloud.com

hxxp://appleid-icloud-imessage.com

hxxp://com-apple-sms.com

hxxp://info-apple-find-my-iphone.com

hxxp://apple-sms-vid.com

hxxp://apple-see-info.com

hxxp://apple-imessage-info.com

hxxp://apple-imessage-sms.com

hxxp://apple-imessage-usa-id.com

hxxp://apple-icloud-imessage-usa.com

hxxp://apple-imessage-id.com

hxxp://imessage-apple-icloud.com

hxxp://apple-icloud-imessage.com

hxxp://icloud-store-apple-app.com

hxxp://icloudzx.com

hxxp://icloudaz.com

hxxp://icloudld.com

hxxp://appleicloudicloud.com

hxxp://icloudidid.com

hxxp://icloudiui.com

hxxp://icloudiy.com

hxxp://icloudii.com

hxxp://icloudzo.com

hxxp://icloudee.com

hxxp://miwire.net

hxxp://icloudai.com

hxxp://icloudci.com

hxxp://icloudidi.com

hxxp://icloudal.com

hxxp://lclorud.com

hxxp://applcioud.com

hxxp://icloudeu.com

hxxp://icloudsd.com

hxxp://iclouddd.com

hxxp://icloudlx.com

hxxp://applelcioud.com

hxxp://icloudlk.com

hxxp://icloundil.com

hxxp://icloudoo.com

hxxp://icloundiy.com

hxxp://icloudod.com

hxxp://iclouddk.com

hxxp://icloudam.com

hxxp://iclouddy.com

hxxp://icloudcy.com

hxxp://comqiao.com

hxxp://swsport.net

hxxp://icloudaa.com

hxxp://iclouddi.com

hxxp://icloudic.com

hxxp://zhaodaopingguo.com

hxxp://icloudbo.com

hxxp://applelcioud.net

hxxp://icloudig.com

hxxp://appleicoud.com

hxxp://bet1228.com

hxxp://zhutoujian.com

hxxp://91jiu.net

hxxp://asunnyboy.com

hxxp://ic10ud.com

hxxp://qr8dndntnca45d586c6c6ra2ct0ob.net

hxxp://icloudli.com

hxxp://yuntuopan.com

hxxp://info-app-inc.com

hxxp://info-app-sms.com

hxxp://apple-vid-id.com

hxxp://apple-info-usa.com

hxxp://apple-info-see.com

hxxp://apple-vid-info.com

hxxp://apple-info-sms.com

hxxp://apple-indo-vid.com

hxxp://apple-vid.com

hxxp://apple-info-vid.com

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Monday, July 29, 2024

Domains Portfolio Operated by Cytrox Spyware

No comments:

Post a Comment