otx.alienvault.com
99.86.4.57  Public Scan

URL: https://otx.alienvault.com/indicator/url/http:/lockbitks2tvnmwk.onion/
Submission Tags: falconsandbox
Submission: On February 01 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

URL: http://lockbitks2tvnmwk.onion
Pulses: 4 | Total Transactions: 0 | SSL Requests: 0 | HTTP Requests: 0

Analysis Overview
 * Analysis Date: 3 years ago
 * Domain: lockbitks2tvnmwk.onion (Pulses: 13 | Passive DNS: 1 | URLs: 70 | Files: 0)
 * Related Pulses: OTX User-Created Pulses (4)
 * Related Tags (95): msi file, tuesday, malspam email, headers, anna paula
 * Google Safe Browsing: Not identified as malicious



No Additional Analysis Available

HTTP Scans: No Entries Found

Related Pulses: User Created (4)

Network IOCs
URL Indicator Inactive
 * Created 1 year ago
   
 * Modified 2 hours ago by cnoscsoc@att.com
 * Public
 * TLP: White

IPv4: 2439 | URL: 936 | Domain: 76002 | Email: 1 | Hostname: 29181
Network-based IOCs
msi file,  tuesday,  malspam email,  headers,  anna paula,  utf8, 
currc3adculo,  from email,  associated,  zip archive
 * 256 Subscribers

Ransomware Diaries: Volume 1
URL Indicator Active
   
 * Created 2 weeks ago by eric.ford
 * Public
 * TLP: White

FileHash-MD5: 54 | URL: 130 | Domain: 38
Over the months, Jon DiMaggio spent time on criminal forums and private chat
groups used by ransomware criminals and gained inside knowledge about the
LockBit gang itself. Jon identified the accounts and infrastructure used by the
gang and the criminals they interacted with. Jon could see the tools and
resources used to manage and conduct attacks from the adversary’s perspective.
More importantly, Jon learned about the opinions, personal habits, motivations,
and insecurities of the human criminals behind the operation. Then, Jon took
many of the public events and high-profile attacks to include theories
previously made about the LockBit gang and tried to capture the side of this
very interesting story.
actor/lockbit
 * 41 Subscribers

Lockbit Ransomware
URL Indicator Active
 * Created 7 months ago
   
 * Modified 3 weeks ago by BITSecurity
 * Public
 * TLP: White

CVE: 2 | FileHash-MD5: 132 | FileHash-SHA1: 132 | FileHash-SHA256: 125 | IPv4: 18 | URL: 10 | YARA: 3 | Domain: 10 | Hostname: 2
Once a victim has been compromised, a ransom note is dropped by the malware
reporting that in addition to encrypting files the threat actor has also
exfiltrated private data including financial, personal, and network information.
stealbit,  lockbit,  cobalt strike,  selkie,  conti,  ransomware spotlight, 
ransomware,  linux,  trend micro,  water selkie,  abcd ransomware,  september, 
raas,  october,  esxi,  maze,  kaspersky lockbit,  data theft,  abcd,  united, 
china,  india,  indonesia,  ukraine,  europe,  lockergoga,  megacortex, 
enterprise,  uscert,  csirt,  cert,  cybersecurity,  cyber security,  computer
security,  u. s. computer emergency readiness,  cyber risks,  june,  pm vu, 
strong,  alerts,  releases,  iocs,  tuesday,  april,  february,  contact, 
northwave,  trickbot,  medusalocker,  dfir report,  tor browser,  subscribe, 
spread,  contact us,  ftp server,  title,  blog,  enjoy,  date,  span, 
keylogger,  recon,  dharma,  twitter,  lockbit version,  function, 
credentials,  windows,  hence,  microsoft,  encryption29942,  phobosimposter, 
main,  uacme,  service,  evolution,  persistence,  underground
 * 159 Subscribers

Retail Sector Cyber Threat Intel - Key Insights (March 2022)
URL Indicator Active
 * Created 10 months ago
   
 * Modified 9 months ago by SVThreatIntel
 * Public
 * TLP: White

FileHash-MD5: 10 | FileHash-SHA1: 10 | FileHash-SHA256: 12 | URL: 7 | Domain: 8
In March, the Federal Trade Commission took action against CafePress (an online
customized merchandise platform) over allegations that it failed in securing
consumers’ sensitive personal data. The firm failed to implement proper security
measures to protect sensitive information. Other Major Incidents: Anonymous
hacktivists claimed to have hacked hundreds of public surveillance cameras
installed across Russia. They had categorized the hacked cameras into
businesses, outdoor, indoor, and restaurants. The computer system of a Mansfield
company was hacked, which impacted the local marijuana businesses including Nova
Farms of Attleboro. A report mentioned ransomware as the top persistent threat
to the retail industry, while the top five ransomware affecting the industry
were identified as Conti, Lockbit 2.0, Avaddon, DarkSide, and Grief.
urls http,  sha256,  ip address,  email subject,  i4yoyi,  official,  Retail
Sector
 * 119 Subscribers
