Skip to content

Update add-wildcard-domain to include bersowir.org #416

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 18, 2024
Merged

Update add-wildcard-domain to include bersowir.org #416

merged 1 commit into from
Jun 18, 2024

Conversation

@g0d33p3rsec
Copy link
Contributor

@g0d33p3rsec g0d33p3rsec commented Jun 18, 2024
edited
Loading

Phishing Domain/URL/IP(s):

https://bersowir.org/MzgzaTkxMmY3cDJCMDY=
https://bersowir.org/M3AzUDk1NHMxeDQ2NG8=
https://bersowir.org/MzQzdTZoOWYzNTFZN0U=
https://bersowir.org/M0YzMTljMzQzRTR6OFE=
https://bersowir.org/M0EwWDFIM2g1dTdlNWY=
https://bersowir.org/M0szajRKMnQ0STJSM1E=
https://bersowir.org/MzEzZTl5MzM0SjdoMkc=
https://bersowir.org/M0MzSzh0N2Q2TDc0M1Y=
https://bersowir.org/MzgzWTlUM3Y5UzVkMk8=
https://bersowir.org/M1gzWTlYNFgwUTRWNzc=
https://bersowir.org/M1czczlMNDk1WjJGNUs=
https://bersowir.org/M0MzQjltNGc5MDRzMjM=
https://bersowir.org/M1AzRTlLMUsyYjZWOHQ=
https://bersowir.org/M3UzRTdHM3EzTjluMHk=
https://bersowir.org/M3kzZTlxNGE1UzZkOWY=
https://bersowir.org/M0czNDF5OVU5ZzZNM3A=
https://bersowir.org/MzMzMzdOMHQ1VDhZMG0=
https://bersowir.org/M2swUjgyM0s1ZTVVOFI=
https://bersowir.org/MzMzazVNN3E4Rjc3NnQ=
https://bersowir.org/M0wwaDhkOXkxZTVxOUM=
https://bersowir.org/M0kzNDlMMzU0NzhkN0Q=
https://bersowir.org/M0UzQjh0N1M2QjdWM20=
https://bersowir.org/M2YzUjlrMzk5bjlMMWM=
https://bersowir.org/MzMzVTdNNkc4STFpOGc=
https://bersowir.org/M0gzSzI0OVMzcDNUOFM=
https://bersowir.org/M1kzWjlJNDc1WDVLNGs=
https://bersowir.org/MkE3YTNCMmozZDQyNzk=
https://bersowir.org/M2MzbjU2MlczVTJVOE0=
https://bersowir.org/Mno5QjFHNFA0QjA4NjI=
https://bersowir.org/M1IzZTdVMkE3YjN4NTA=
https://bersowir.org/M0UzVTl0M0U1MjQ0Mk4=
https://bersowir.org/M2czVTl6M1A5WjhROVc=
https://bersowir.org/M08zRzhsNVQ2Sjc5OWg=

Impersonated domain

https://facebook.com/
https://www.google.com
https://www.betway.co.za
https://www.1voucher.co.za/
https://ff.garena.com/
https://trustwallet.com/
https://www.uefa.com/euro2024/
https://www.tut.ac.za/
https://www.wsu.ac.za/
https://srd.sassa.gov.za/

Describe the issue

This domain is now hosting the phishing kit that was previously at brunotasso[.]com[.]br (#413), wisbechguide[.]uk (#408), pescacancun[.]com (#406), bkengineersindia[.]com(#405), englishplusmore[.]com(#404), carnesboinobre[.]com[.]br(#398), technowide[.]com[.]tr(#396), jestertunes[.]com (#393), safecartusa[.]com (#391), foreverfarley[.]com (#387), azezieldraconous[.]com (#381), westernautomobileassembly[.]com (#376) , littleswanaircon[.]com[.]sg (#372), iwan2travel[.]com(#370), applesforfred[.]com (#369), theaerie[.]ca (#367), nico[.]sa (#366), ajstelecom[.]com[.]mx (#362), and others (more than 120 domains since 2021).

Related external source

Screenshot

Click to expand

image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image

spirillen added a commit to mypdns/matrix that referenced this pull request Jun 18, 2024
@spirillen
phishing
f1611c3 
fix #575
Rel Phishing-Database/phishing#416

----

Thanks to jetBrains for sponsoring IntelliJ (Ultimate Edition)
For non-commercial open source.
This helps My Privacy DNS to develop tools and maintain the blacklists.
@spirillen spirillen merged commit 7093b85 into Phishing-Database:main Jun 18, 2024
@g0d33p3rsec g0d33p3rsec mentioned this pull request Jun 19, 2024
Merged
@g0d33p3rsec
Copy link
Contributor Author

g0d33p3rsec commented Jun 20, 2024

Looking at the Virus Total results for this domain leads to this maldoc, which was submitted yesterday. The maldoc, in turn, reaches out to several files via http://151.139.177.50.

Adding to the list of things to follow up on.
image

image

This was referenced Jun 21, 2024
Merged
Merged
Merged
Merged
@g0d33p3rsec g0d33p3rsec mentioned this pull request Jul 2, 2024
Merged
This was referenced Jul 14, 2024
Merged
Merged
This was referenced Jul 25, 2024
Merged
Merged
@g0d33p3rsec g0d33p3rsec mentioned this pull request Aug 6, 2024
Merged
This was referenced Sep 3, 2024
Merged
Merged
Merged
@g0d33p3rsec g0d33p3rsec mentioned this pull request Sep 15, 2024
Merged
This was referenced Sep 26, 2024
Merged
Merged
Merged
@g0d33p3rsec g0d33p3rsec mentioned this pull request Oct 5, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@g0d33p3rsec @spirillen