Pulse Detail — Threat Intelligence

PULSE NAME

imac.co.nz Malicious

WHITE OctoSeek 2023-08-11 Modified: 2023-09-10

352

IOCs

HIGH VOLUME

iPhone attack. Bad actors utilizing regulations and escalation privileges gain immediate access upon setup. Cell service set up at a carrier but shows as another carrier. Many BBH pretending this is their experience. Actual target unable to access any Apple support by phone. Submit online. Apple ID disabled by either Apple or BotMaster, labeled malicious ID. Live representatives at Apple or Cell carrier difficult to the point of legal investigation. Apple confiscated a single phone from target. No refund. Engineers needed phone to review and obviously cover up evidence. Target loss control of phone and was verbally commanded to enter ' confirm ' erasing access to issues. (I didn't write any of this: A full analysis of the latest cyber-attack on the Apple website, which targets people who have signed up to be targeted by hackers, has been published by the security firm OctoSeek.)

MITRE ATT&CK & Malware Families

MALWARE FAMILIES

Zombie Brick

Indicators of Compromise (199 / 352 total)

All URL domain hostname FileHash-SHA256 email

TYPE	INDICATOR	DESCRIPTION	CREATED
URL	http://www.itunes.codes	—	2023-08-11
URL	http://www.icloud.com	—	2023-08-11
URL	https://itunes.apple.com/us/app/live-sport-tv-listing-guide/id1182257083?ls=1&mt=8	—	2023-08-11
URL	https://play.google.com/store/apps/details?id=sport.mobile2ads.com	—	2023-08-11
URL	https://imac.co.nz/mim/m78k4a12715336f578efw1u2n8t340818q97azy72p968a5bb2.html	—	2023-08-11
URL	https://www.imac.co.nz/update.php	—	2023-08-11
URL	http://www.itunes.codes/'	—	2023-08-11
URL	http://17.253.142.4:80	—	2023-08-11
URL	http://applewatch.christmas	—	2023-08-11
URL	http://appstore.link	—	2023-08-11
URL	http://burstly.net/	—	2023-08-11
URL	http://cheapbagshoes.com	—	2023-08-11
URL	http://ftp.applemalaysia.com.my	—	2023-08-11
URL	http://ipod.com.sg/cn/?cid=oas-apac-domains-applestore.cn/arb/dhl/index.html	—	2023-08-11
URL	http://ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/capitalonewellmade/capitalone/online	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/dhl/dhl/delivery.php	—	2023-08-11
URL	http://www.publishing-survey.com	—	2023-08-11
URL	http://www.publishing-survey.com/	—	2023-08-11
URL	https://applewatch.christmas	—	2023-08-11
URL	https://appstore.link	—	2023-08-11
URL	https://cheapbagshoes.com	—	2023-08-11
URL	https://ftp.applemalaysia.com.my	—	2023-08-11
URL	https://www.publishing-survey.com	—	2023-08-11
URL	https://www.iCloud.com	—	2023-08-11
URL	http://sport.mobile2ads.com	—	2023-08-11
URL	https://sport.mobile2ads.com	—	2023-08-11
URL	http://icons.axm-usercontent-apple.com	—	2023-08-11
URL	https://icons.axm-usercontent-apple.com	—	2023-08-11
URL	http://relay.icloud-mpp.com	—	2023-08-11
URL	http://relay.icloud-mpp.com/	—	2023-08-11
URL	https://relay.icloud-mpp.com	—	2023-08-11
URL	http://data.securemetrics-apple.com	—	2023-08-11
URL	https://data.securemetrics-apple.com	—	2023-08-11
URL	http://www.systemstatus.apple	—	2023-08-11
URL	https://www.systemstatus.apple	—	2023-08-11
URL	http://www.applepay.co	—	2023-08-11
URL	https://www.applepay.co	—	2023-08-11
URL	https://applewatch.christmas/capitalone-verify	—	2023-08-11
URL	https://applewatch.christmas/index-pf.php	—	2023-08-11
URL	https://applewatch.christmas/wp-content/plugins/apikey/yjkecrbc/Nordean-verkkopankki-fi	—	2023-08-11
URL	https://www.applewatch.christmas/1odbU3D	—	2023-08-11
URL	https://www.applewatch.christmas/mim/m78k4a12715336f578efw1u2n8t340818q97azy72p968a5bb2.html	—	2023-08-11
URL	https://www.applewatch.christmas/wp-content/plugins/apikey/yjkecrbc/Nordean-verkkopankki-fi	—	2023-08-11
URL	https://appstore.link/index-pf.php	—	2023-08-11
URL	https://www.burstly.net/?cid=oas-japac-domains-applecomputer.cn/mijn-ics.online-verificatie	—	2023-08-11
URL	https://www.burstly.net/?cid=oas-japac-domains-applecomputer.cn/no	—	2023-08-11
URL	http://www.heretohelp.com	—	2023-08-11
URL	https://www.heretohelp.com	—	2023-08-11
URL	http://apps.heretohelp.net	—	2023-08-11
URL	http://dev.heretohelp.net	—	2023-08-11
URL	http://game.heretohelp.net	—	2023-08-11
URL	http://sandbox.heretohelp.net	—	2023-08-11
URL	http://test.heretohelp.net	—	2023-08-11
URL	http://www.heretohelp.net	—	2023-08-11
URL	https://apps.heretohelp.net	—	2023-08-11
URL	https://dev.heretohelp.net	—	2023-08-11
URL	https://game.heretohelp.net	—	2023-08-11
URL	https://sandbox.heretohelp.net	—	2023-08-11
URL	https://test.heretohelp.net	—	2023-08-11
URL	https://www.heretohelp.net	—	2023-08-11
URL	https://applemalaysia.com.my/mim/4762c106cw04349ot589p2e95016a946914u27077i64ib5101.html	—	2023-08-11
URL	https://ftp.applemalaysia.com.my/1odbU3D	—	2023-08-11
URL	https://ftp.applemalaysia.com.my/cibc/alert.html	—	2023-08-11
URL	https://ftp.applemalaysia.com.my/mim/4762c106cw04349ot589p2e95016a946914u27077i64ib5101.html	—	2023-08-11
URL	http://ipod.com.sg/?cid=oas-japac-domains-applecomputer.cn/way/a.php	—	2023-08-11
URL	http://ipod.com.sg/cn?cid=oas-japac-domains-applecomputer.com.cn/a/asb/index.htm	—	2023-08-11
URL	http://ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/asu/final/a10a26631d45928cb8be4ebabbee8b8d	—	2023-08-11
URL	http://ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/bo/dhlauto/index.php	—	2023-08-11
URL	http://ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/direktnet.raiffeisen.hu/password.htm	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/adhl11/adhl11/adhl/autodhl/b8a761747bb4f00d0e84b7c405c0560e	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/dhl/dhlauto/dhl.php	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/par	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/wordpress/wp-content/baroop/baroop	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/wp-admin/network/dhlauto/dhl.php	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/garantie-controie/mijn+ics+gegevens.php	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/raiffcz/233e3e576a0b2bv14732fbv14732f42001v10/login.php	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/servizio-informativo/sistema/accessoconto.php	—	2023-08-11
URL	https://www.ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/dhl/dhl/delivery.php	—	2023-08-11
URL	https://www.ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/rafcz/233e3e576a0b2bv14732fbv14732f42001v10196a0b2	—	2023-08-11
URL	https://publishing-survey.com/altcustomera/phpfiles	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/dhl/dhlauto/dhl.php	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/par	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/wordpress/wp-content/baroop/baroop	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/wp-admin/network/dhlauto/dhl.php	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/garantie-controie/mijn+ics+gegevens.php	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/raiffcz/233e3e576a0b2bv14732fbv14732f42001v10/login.php	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/servizio-informativo/sistema/accessoconto.php	—	2023-08-11
URL	https://www.ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/dhl/dhl/delivery.php	—	2023-08-11
URL	https://www.ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/rafcz/233e3e576a0b2bv14732fbv14732f42001v10196a0b2	—	2023-08-11
URL	https://publishing-survey.com/altcustomera/phpfiles	e871ef3434d4da6ffed83fc55d8d5ff6b6d67f71851a6264e26bd18402e60bd7	2023-08-11
URL	https://www.apple-darwin.net/	—	2023-08-11
URL	https://www.desktopmovies.net/?cid=oas-japac-domains-applecomputer.cn/no	—	2023-08-11
URL	https://apple-computers.us/1odbU3D	—	2023-08-11
URL	https://apple-computers.us/wp-content/plugins/apikey/yjkecrbc/Nordean-verkkopankki-fi	—	2023-08-11
URL	https://imac.co.nz/mim/m78k4a12715336f578efw1u2n8t340818q97azy72p968a5bb2.html	—	2023-08-11
URL	https://www.imac.co.nz/update.php	—	2023-08-11
URL	https://images-catch.com/mim/93tkkjy9zc9fv796398p4e8425id90u4u727g7094724c0a9i8.html	—	2023-08-11
URL	https://images-catch.com/wp-content/plugins/apikey/yjkecrbc/Nordean-verkkopankki-fi	—	2023-08-11
URL	https://www.images-catch.com/?cid=oas-apac-domains-applestore.cn/421913426.asp	—	2023-08-11
URL	https://www.images-catch.com/?cid=oas-apac-domains-applestore.cn/appleid.apple.com.loginid.api.viewlogin	—	2023-08-11
URL	https://www.images-catch.com/?cid=oas-japac-domains-applecomputer.cn/mim/7d802v1dye4v3yl2313m38213962y0f93h6b89ce497052xf9q.html	—	2023-08-11
URL	https://www.images-catch.com/?cid=oas-japac-domains-applecomputer.com.cn/apple-cc	—	2023-08-11
URL	https://www.images-catch.com/?cid=oas-japac-domains-applecomputer.com.cn/apple-cc/idmswebauth/appidkey=pwnxgtk1cuse0wvdtoxm3pfuk38kpxqb	—	2023-08-11
URL	https://www.images-catch.com/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/wordpress/wp-content/baroop/baroop	—	2023-08-11
URL	https://www.images-catch.com/mac/?cid=oas-japac-domains-macbookair.com.cn/dhl%20express/index.php	—	2023-08-11
URL	https://www.images-catch.com/mac/?cid=oas-japac-domains-macbookair.com.cn/dhl/dhl/delivery.php	—	2023-08-11
URL	https://www.images-catch.com/mac/?cid=oas-japac-domains-macbookair.com.cn/rafcz/233e3e576a0b2bv14732fbv14732f42001v10196a0b2/coded.php	—	2023-08-11
URL	https://www.images-catch.com/mac/?cid=oas-japac-domains-macbookair.com.cn/wp-admin/final	—	2023-08-11
URL	http://icloud.is/?cid=oas-japac-domains-applecomputer.com.cn/startsber	—	2023-08-11
URL	https://icloud.is/1odbU3D	—	2023-08-11
URL	https://icloud.is/mim/93tkkjy9zc9fv796398p4e8425id90u4u727g7094724c0a9i8.html	—	2023-08-11
URL	https://www.icloud.is/mim/m78k4a12715336f578efw1u2n8t340818q97azy72p968a5bb2.html	—	2023-08-11
URL	http://ipod.com.sg/?cid=oas-japac-domains-applecomputer.cn/way/a.php	—	2023-08-11
URL	http://ipod.com.sg/cn/?cid=oas-apac-domains-applestore.cn/arb/dhl/index.html	—	2023-08-11
URL	http://ipod.com.sg/cn?cid=oas-japac-domains-applecomputer.com.cn/a/asb/index.htm	—	2023-08-11
URL	http://ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/asu/final/a10a26631d45928cb8be4ebabbee8b8d	—	2023-08-11
URL	http://ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/bo/dhlauto/index.php	—	2023-08-11
URL	http://ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/capitalonewellmade/capitalone/online	—	2023-08-11
URL	http://ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/direktnet.raiffeisen.hu/password.htm	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/adhl11/adhl11/adhl/autodhl/b8a761747bb4f00d0e84b7c405c0560e	—	2023-08-11
URL	http://ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/dhl/dhl/delivery.php	—	2023-08-11
URL	https://www.myapple.net/?cid=oas-apac-domains-applestore.cn/appleid.apple.com.loginid.api.viewlogin	—	2023-08-11
URL	https://www.myapple.net/?cid=oas-apac-domains-applestore.cn/imagenes/comun2008/index.php	—	2023-08-11
URL	https://www.myapple.net/?cid=oas-japac-domains-applecomputer.com.cn/apple-cc	—	2023-08-11
URL	https://www.myapple.net/?cid=oas-japac-domains-applecomputer.com.cn/apple-cc/idmswebauth/appidkey=pwnxgtk1cuse0wvdtoxm3pfuk38kpxqb	—	2023-08-11
URL	https://www.myapple.net/cn/mac	—	2023-08-11
URL	https://www.myapple.net/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/dhl/autodhl/dhl/m0evmiydr33k9ichvrnnhsi427524e5d5582cfb0ee5b91de81c038c5.php	—	2023-08-11
URL	https://www.myapple.net/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/wordpress/wp-content/baroop/baroop	—	2023-08-11
URL	https://www.myapple.net/mac/?cid=oas-japac-domains-macbookair.com.cn/rafcz/233e3e576a0b2bv14732fbv14732f42001v10196a0b2/coded.php	—	2023-08-11
URL	https://www.myapple.net/mac/?cid=oas-japac-domains-macbookair.com.cn/wp-admin/final	—	2023-08-11
URL	http://www.publishing-survey.com	—	2023-08-11
URL	http://www.publishing-survey.com/	—	2023-08-11
URL	https://www.publishing-survey.com	—	2023-08-11
URL	https://www.ipod.com.sg/?cid=oas-japac-domains-applecomputer.cn/save/io/io/index.php	—	2023-08-11
URL	https://www.ipod.com.sg/?cid=oas-japac-domains-applestore.com.cn/english-spanish/translation/world+vision.html	—	2023-08-11
URL	https://www.ipod.com.sg/?cid=oas-japac-domains-applestore.com.cn/mim	—	2023-08-11
URL	https://www.ipod.com.sg/cn/?cid=oas-apac-domains-applestore.cn/sazqrqja/vqreqyujaa	—	2023-08-11
URL	https://www.ipod.com.sg/cn/?cid=oas-apac-domains-applestore.cn/vrf	—	2023-08-11
URL	https://www.ipod.com.sg/cn/?cid=oas-japac-domains-applecomputer.com.cn/icscards-international-blokkade.verificatie-in-ics	—	2023-08-11
URL	https://www.ipod.com.sg/cn/?cid=oas-japac-domains-applestore.com.cn/login/step3.php	—	2023-08-11
URL	https://www.ipod.com.sg/cn/mac/?cid=oas-japac-domains-macbookair.com.cn/asb3	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/dhl/autodhl/dhl/index.php	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/home/capital/c970a7cceacdd6dfa1e7fb7951da2785	—	2023-08-11
URL	https://www.ipod.com.sg/ipod-touch/?cid=oas-japac-domains-ipod.com.cn/rwhoxhqv	—	2023-08-11
URL	https://www.ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/ki/ik/ks/demail.php	—	2023-08-11
URL	https://www.ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/login/update_info.php	—	2023-08-11
URL	https://www.ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/rafcz/233e3e576a0b2bv14732fbv14732f42001v10196a0b2/coded.php	—	2023-08-11
URL	https://www.ipod.com.sg/mac/?cid=oas-japac-domains-macbookair.com.cn/w/account.booking.com/ws/sign-inop_token=/kytvrfkshdddf777/index.html	—	2023-08-11
URL	http://17.253.142.4:80	—	2023-08-11
URL	http://applewatch.christmas	—	2023-08-11
URL	http://appstore.link	—	2023-08-11
URL	http://burstly.net/	—	2023-08-11
URL	http://cheapbagshoes.com	—	2023-08-11
URL	http://ftp.applemalaysia.com.my	—	2023-08-11
URL	https://applewatch.christmas	—	2023-08-11
URL	https://appstore.link	—	2023-08-11
URL	https://cheapbagshoes.com	—	2023-08-11
URL	https://ftp.applemalaysia.com.my	—	2023-08-11
URL	https://applemalaysia.com.my/mim/4762c106cw04349ot589p2e95016a946914u27077i64ib5101.html	—	2023-08-11
URL	https://ftp.applemalaysia.com.my/1odbU3D	—	2023-08-11
URL	https://ftp.applemalaysia.com.my/cibc/alert.html	—	2023-08-11
URL	https://ftp.applemalaysia.com.my/mim/4762c106cw04349ot589p2e95016a946914u27077i64ib5101.html	—	2023-08-11
URL	http://www.applepay.co	—	2023-08-11
URL	https://www.applepay.co	—	2023-08-11
URL	https://applewatch.christmas/capitalone-verify	—	2023-08-11
URL	https://applewatch.christmas/index-pf.php	—	2023-08-11
URL	https://applewatch.christmas/wp-content/plugins/apikey/yjkecrbc/Nordean-verkkopankki-fi	—	2023-08-11
URL	https://www.applewatch.christmas/1odbU3D	—	2023-08-11
URL	https://www.applewatch.christmas/mim/m78k4a12715336f578efw1u2n8t340818q97azy72p968a5bb2.html	—	2023-08-11
URL	https://www.applewatch.christmas/wp-content/plugins/apikey/yjkecrbc/Nordean-verkkopankki-fi	—	2023-08-11
URL	https://appstore.link/index-pf.php	—	2023-08-11
URL	https://www.burstly.net/?cid=oas-japac-domains-applecomputer.cn/mijn-ics.online-verificatie	—	2023-08-11
URL	https://www.burstly.net/?cid=oas-japac-domains-applecomputer.cn/no	—	2023-08-11
URL	http://www.heretohelp.com	—	2023-08-11
URL	https://www.heretohelp.com	—	2023-08-11
URL	http://www.systemstatus.apple	—	2023-08-11
URL	https://www.systemstatus.apple	—	2023-08-11
URL	http://www.itunes.codes/'	—	2023-08-11
URL	http://apps.heretohelp.net	—	2023-08-11
URL	http://dev.heretohelp.net	—	2023-08-11
URL	http://game.heretohelp.net	—	2023-08-11
URL	http://sandbox.heretohelp.net	—	2023-08-11
URL	http://test.heretohelp.net	—	2023-08-11
URL	http://www.heretohelp.net	—	2023-08-11
URL	https://apps.heretohelp.net	—	2023-08-11
URL	https://dev.heretohelp.net	—	2023-08-11
URL	https://game.heretohelp.net	—	2023-08-11
URL	https://sandbox.heretohelp.net	—	2023-08-11
URL	https://test.heretohelp.net	—	2023-08-11
URL	https://www.heretohelp.net	—	2023-08-11
URL	http://data.securemetrics-apple.com	—	2023-08-11
URL	https://data.securemetrics-apple.com	—	2023-08-11
URL	http://icons.axm-usercontent-apple.com	—	2023-08-11
URL	https://icons.axm-usercontent-apple.com	—	2023-08-11
URL	http://relay.icloud-mpp.com	—	2023-08-11
URL	http://relay.icloud-mpp.com/	—	2023-08-11
URL	https://relay.icloud-mpp.com	—	2023-08-11
URL	http://cable.wufkweyy3uaxb.com	—	2023-08-11
URL	https://cable.wufkweyy3uaxb.com	—	2023-08-11