otx.alienvault.com
13.32.121.8  Public Scan

URL: https://otx.alienvault.com/pulse/6602ca1fb3a72911ae9de39a
Submission: On April 04 via api from NL — Scanned from NL

Form analysis 0 forms found in the DOM

Text Content


THE GHOST OF TELLYOUTHEPASS LINGERS

 * Created 1 week ago
 * Modified 12 hours ago by AlienVault
 * Public
 * TLP: White

Recently, 360 Ransomware Service received feedback from many victims from the
financial sector that ransomware was implanted in their devices. After analysis,
the source of this wave of attacks was successfully identified as the
TellYouThePass ransomware family - an old ransomware family specializing in
large-scale attacks exploiting server vulnerabilities. The family has already
launched 3 larger-scale attacks in 2023, and began wreaking havoc again in early
2024.

Reference:
https://cert.360.cn/report/detail?id=65fceeb4c09f255b91b17f11
Tags:
tellyouthepass, ransomware
Adversary:
TellYouThePass
Industry:
Finance
Malware Family:
TellYouThePass
Att&ck IDs:
T1210 - Exploitation of Remote Services, T1566 - Phishing, T1486 - Data
Encrypted for Impact


TYPES OF INDICATORS

BitcoinAddress (1), IPv4 (5), email (1)

THREAT INFRASTRUCTURE

China (2), South Korea (1), Iceland (1)


| type | indicator | Role | title | Added | Active | related Pulses |
|---|---|---|---|---|---|---|
| BitcoinAddress | bc1qnuxx83nd4keeegrumtnu8kup8g02yzgff6z53l | | | Mar 26, 2024, 1:14:08 PM | | 1 |
| email | service@helloworldtom.online | | | Mar 26, 2024, 1:14:08 PM | | 1 |
| IPv4 | 45.130.22.219 | | | Mar 26, 2024, 1:14:08 PM | | 6 |
| IPv4 | 93.95.228.70 | | | Mar 26, 2024, 1:14:08 PM | | 1 |
| IPv4 | 61.160.194.160 | | | Mar 26, 2024, 1:14:08 PM | | 1 |
| IPv4 | 59.31.203.57 | | | Mar 26, 2024, 1:14:08 PM | | 1 |
| IPv4 | 120.77.82.232 | | | Mar 26, 2024, 1:14:08 PM | | 1 |

SHOWING 1 TO 7 OF 7 ENTRIES

