Newly Registered Domains for Sports-Themed Crypto Scams

    Date: 02/13/2025

    Severity: Medium

    Summary

    "Newly Registered Domains for Sports-Themed Crypto Scams" highlights the discovery of recently registered domains leading up to the 2025 Super Bowl, which are promoting fraudulent meme coins and pump-and-dump crypto schemes. These scams exploit celebrity imagery, misleading tokenomics, and aggressive marketing tactics to deceive victims.

    Indicators of Compromise (IOC) List


    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

    Detection Query 1

    userdomainname like "nflsuperbowlsol.xyz" or url like "nflsuperbowlsol.xyz" or userdomainname like "superbowl2025.site" or url like "superbowl2025.site" or userdomainname like "rflsuperbowl.xyz" or url like "rflsuperbowl.xyz" or userdomainname like "superbowl.my" or url like "superbowl.my" or userdomainname like "superbowl-sbm.xyz" or url like "superbowl-sbm.xyz" or userdomainname like "superbowlai.app" or url like "superbowlai.app" or userdomainname like "superbowlcoin.net" or url like "superbowlcoin.net" or userdomainname like "superbowlcoinflip.live" or url like "superbowlcoinflip.live" or userdomainname like "superbowlcoinflip.xyz" or url like "superbowlcoinflip.xyz" or userdomainname like "superbowlmeme.community" or url like "superbowlmeme.community" or userdomainname like "superbowlmemecoin.com" or url like "superbowlmemecoin.com" or userdomainname like "superbowlsol.meme" or url like "superbowlsol.meme" or userdomainname like "superfartbowl.com" or url like "superfartbowl.com" or userdomainname like "supermemebowl.com" or url like "supermemebowl.com" or userdomainname like "supermemebowl.xyz" or url like "supermemebowl.xyz" or userdomainname like "superpepebowl.com" or url like "superpepebowl.com" or userdomainname like "superbowlonsol.live" or url like "superbowlonsol.live" or userdomainname like "trumponsuperbowl.com" or url like "trumponsuperbowl.com"

    Reference:

    https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2025-02-11-IOCs-for-sports-themed-crypto-scams.txt


    Tags

    Cryptocurrency Scams, Domain Spoofing
