← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Fake Interview: The New Activity of Charming Kitten
WHITE Charming Kitten AlienVault 2020-02-05 Modified: 2020-02-06
63
IOCs
HIGH VOLUME
Certfa Lab has identified a new series of phishing attacks from the Charming Kitten, the Iranian hacking group who has a close relationship with Iran’s state and Intelligence services. According to our investigation, these new attacks have targeted journalists, political and human rights activists. These phishing attacks are in line with the previous activities of the group that companies like ClearSky and Microsoft have reported in detail in September and October 2019.
Charming Kitteniran
Indicators of Compromise (63)
All hostname URL domain FileHash-MD5
TYPEINDICATORDESCRIPTIONCREATED
hostname customers-service.ddns.net 2020-02-05
URL https://two-step-checkup.site/securemail/secureLogin/challenge/url?ucode=d50a3eb1-9a6b-45a8-8389-d5203bbddaa1&service=mailservice&type=password 2020-02-05
hostname mobile.phonechallenges-submit.site 2020-02-05
hostname youtube.service-activity-checkup.site 2020-02-05
hostname www.drive-accounts.com 2020-02-05
hostname google.drive-accounts.com 2020-02-05
domain niaconucil.org 2020-02-05
domain isis-online.net 2020-02-05
domain bahaius.info 2020-02-05
domain w3-schools.org 2020-02-05
domain system-services.site 2020-02-05
domain accounts-drive.com 2020-02-05
domain drive-accounts.com 2020-02-05
domain service-issues.site 2020-02-05
domain two-step-checkup.site 2020-02-05
domain customers-activities.site 2020-02-05
domain seisolarpros.org 2020-02-05
domain yah00.site 2020-02-05
domain skynevvs.com 2020-02-05
domain recovery-options.site 2020-02-05
domain malcolmrifkind.site 2020-02-05
domain instagram-com.site 2020-02-05
domain leslettrespersanes.net 2020-02-05
domain software-updating-managers.site 2020-02-05
domain cpanel-services.site 2020-02-05
domain service-activity-checkup.site 2020-02-05
domain inztaqram.ga 2020-02-05
domain unirsd.com 2020-02-05
domain phonechallenges-submit.site 2020-02-05
domain acconut-verify.com 2020-02-05
domain finance-usbnc.info 2020-02-05
FileHash-MD5 542128ab98bda5ea139b169200a50bce 2020-02-05
FileHash-MD5 3d67ce57aab4f7f917cf87c724ed7dab 2020-02-05
hostname www.manage-accounts.info 2020-02-06
domain manage-accounts.info 2020-02-06
hostname www.document-share.info 2020-02-06
hostname www.profile.us2-mail-login-profile.site 2020-02-06
hostname mobiles.recovery-service.site 2020-02-06
hostname mail.document-share.info 2020-02-06
hostname www.youtube.service-activity-checkup.site 2020-02-06
hostname fwww.mobiles-sessionid.customize-identity.info 2020-02-06
hostname www.two-step-checkup.site 2020-02-06
hostname www.service-activity-checkup.site 2020-02-06
hostname www.us2.login-users-account.site 2020-02-06
hostname www.signin.account-profile-users.info 2020-02-06
hostname www.mobile-sessionid.customize-identity.info 2020-02-06
hostname www.live.account-profile-users.info 2020-02-06
hostname www.com-identifier-servicelog.info 2020-02-06
hostname us2.account-profile-users.info 2020-02-06
hostname www.us2-mail-login-profile.site 2020-02-06
hostname www.customize-identity.info 2020-02-06
hostname www.aol.account-profile-users.info 2020-02-06
hostname youtube.www.service-activity-checkup.site 2020-02-06
hostname www.recovery-service.site 2020-02-06
hostname www.lotto-niwww.account-profile-users.info 2020-02-06
hostname www.login-users-account.site 2020-02-06
hostname www.mobiles-sessionid.customize-identity.info 2020-02-06
hostname x09live-ix3b.account-profile-users.info 2020-02-06
hostname www.phonechallenges-submit.site 2020-02-06
hostname mobiles.service-activity-checkup.site 2020-02-06
hostname profile.us2-mail-login-profile.site 2020-02-06
hostname lotto-niwww.account-profile-users.info 2020-02-06
hostname mymobile-sessionid.document-share.info 2020-02-06
References (2)
↗ https://blog.certfa.com/posts/fake-interview-the-new-activity-of-charming-kitten/ ↗ https://twitter.com/ClearskySec/status/1225429702334205953