Security Brief: Threat Actors Gift Holiday Lures to Threat Landscape

    Date: 12/24/2024

    Severity: High 

    Summary

    With the holiday season in full swing, threat actors are exploiting people's interest in deals, job opportunities, and year-end bonuses. Our researchers have noted a rise in seasonal, themed campaigns delivering malware, fraud, and credential phishing attacks.

    Indicators of Compromise (IOC) List

    Domains/URLs :

    cybelejack9.mywire.org 

    quantumdhub.ru

    9a8ed03d.f2cb57a2c2a430507599d2aa.workers.dev 

    orients-pk.com

    jobs-projecthope.org 

    IP Address : 

    185.161.251.208 

    Hash : 

    713d2cca841c2d3df5ba1a4f8926970966ff931d01616ac48d5170a69c1e0765

    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

    Domains/URLs :

    userdomainname like "jobs-projecthope.org" or url like "jobs-projecthope.org" or userdomainname like "orients-pk.com" or url like "orients-pk.com" or userdomainname like "cybelejack9.mywire.org" or url like "cybelejack9.mywire.org" or userdomainname like "9a8ed03d.f2cb57a2c2a430507599d2aa.workers.dev" or url like "9a8ed03d.f2cb57a2c2a430507599d2aa.workers.dev" or userdomainname like "quantumdhub.ru" or url like "quantumdhub.ru"

    IP Address : 

    dstipaddress IN ("185.161.251.208") or ipaddress IN ("185.161.251.208") or publicipaddress IN ("185.161.251.208") or srcipaddress IN ("185.161.251.208")

    Hash :

    sha256hash IN ("713d2cca841c2d3df5ba1a4f8926970966ff931d01616ac48d5170a69c1e0765")

    Reference:   

    https://www.proofpoint.com/us/blog/threat-insight/security-brief-threat-actors-gift-holiday-lures-threat-landscape 


    Tags

    Malware, Phishing
