Hackread reports that Censys researchers have found that Iranian cyberespionage group Fox Kitten could launch future intrusions using three previously unknown hosts, which share the same patterns and Autonomous Systems and are suspected to be part of the same infrastructure, as well as a pair of hosts with the same domain indicators of compromise.
Aside from leveraging dynamic IP addresses, Fox Kitten also sought to conceal its attack infrastructure through broad Autonomous System deployment and spurious certificate names, according to the Censys report, which was based on data from the joint FBI, Cybersecurity and Infrastructure Security Agency, and Department of Defense Cyber Crime Center warning.
Further analysis revealed a pair of domain IOCs not previously detailed by the joint cybersecurity advisory, similarities in geolocations and Autonomous System numbers among the hosts, and over 38,000 similar hosts suspected to be malicious. Such findings could be used to facilitate further Fox Kitten infrastructure discovery, researchers said.