New OpcJacker Malware Distributed via Fake VPN Malvertising
Researchers at Trend Micro have discovered new malware, named "OpcJacker", that has been distributed in the wild since the second half of 2022. OpcJacker's operator is motivated by financial gain: the malware's primary purpose is stealing cryptocurrency funds from wallets.
Indicators of Compromise (17 / 311 total)
References (2)
https://www.trendmicro.com/en_us/research/23/c/new-opcjacker-malware-distributed-via-fake-vpn-malvertising.html
https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/c/new-opcjacker-malware-distributed-via-fake-vpn-malvertising/ioc-new-opcJacker-malware-distributed-via-fake-vpn-malvertising.txt