Microsoft Digital Crimes Unit takes down BOHRIUM (Iranian APT) domains
Bohrium specializes in spearphishing operations designed to steal user credentials and other sensitive information from Internet-connected computers by infecting them with malicious software (“malware”). The precise identities and locations of those behind the Bohrium activity are generally unknown, but many in the security community have linked the activity to an Iranian group or groups.