← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
WHITE bluewatcher 2022-06-06 Modified: 2022-06-06
41
IOCs
MEDIUM VOLUME
To halt the malicious activities of Bohrium, Microsoft said it took down 41 ".com," ".info," ".live," ".me," ".net," ".org," and ".xyz" domains that were used as command-and-control infrastructure to facilitate the spear-phishing campaign.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (41)
All domain
TYPEINDICATORDESCRIPTIONCREATED
domain activatetech.info 2022-06-06
domain alpha-olive.com 2022-06-06
domain bestweight.net 2022-06-06
domain bluecake.xyz 2022-06-06
domain cendual.com 2022-06-06
domain cloudscomputers.com 2022-06-06
domain deliverymessage.com 2022-06-06
domain deliveryreporter.com 2022-06-06
domain ebtlicence.com 2022-06-06
domain edge-cloudservices.com 2022-06-06
domain electroboard.net 2022-06-06
domain equip-med.org 2022-06-06
domain freeches.live 2022-06-06
domain futuremedias.info 2022-06-06
domain healthcaretip.info 2022-06-06
domain helpdesk-product.com 2022-06-06
domain insyncdigitalbd.com 2022-06-06
domain learnersarea.com 2022-06-06
domain librarycolletion.org 2022-06-06
domain manoramaonlines.com 2022-06-06
domain microsoftdefender.info 2022-06-06
domain microsoftedgesh.info 2022-06-06
domain microsoftsecure.org 2022-06-06
domain microsoftsync.org 2022-06-06
domain mitoplatform.com 2022-06-06
domain office-shop.me 2022-06-06
domain outlookde.live 2022-06-06
domain outlookdelivery.com 2022-06-06
domain penspen.org 2022-06-06
domain servicecult.com 2022-06-06
domain sharepointfile.com 2022-06-06
domain sitesanalyzer.com 2022-06-06
domain softwarepays.com 2022-06-06
domain supportsykpe.com 2022-06-06
domain symantecdll.com 2022-06-06
domain technewsportal.com 2022-06-06
domain techtosolution.com 2022-06-06
domain thepetrosolution.com 2022-06-06
domain veritasanalyzer.com 2022-06-06
domain vibrantmariners.com 2022-06-06
domain xchange-connect.org 2022-06-06
References (3)
↗ https://news.microsoft.com/wp-content/uploads/prod/sites/358/2022/06/Doc.-No.-16-Ex-parte-TRO-SEALED.pdf ↗ https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html ↗ https://twitter.com/CyberAmyHB/status/1532398956918890500