← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Phishing Campaigns Targeting USPS See as Much Web Traffic as the USPS Itself
WHITE AlienVault 2024-04-29 Modified: 2024-05-29
28
IOCs
MEDIUM VOLUME
Following the 2023 holiday season, Akamai researchers uncovered a significant amount of highly likely malicious activity and domains purporting to be associated with the United States Postal Service (USPS). Akamai researchers compared five months of DNS traffic to the legitimate domain, usps.com, with DNS traffic to illegitimate combosquatted domain names.
uspscobalt strikeamazondns queryjavascript filedll fileicedidpowershelllsasssharefinder
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Sharefinder IcedID Cobalt Strike
Indicators of Compromise (28)
All domain hostname
TYPEINDICATORDESCRIPTIONCREATED
domain alter-usps.shop 2024-04-29
domain appusps.com 2024-04-29
domain gh-usps.shop 2024-04-29
domain stamps-usps.online 2024-04-29
domain usps-deliveryservice.icu 2024-04-29
domain usps-find.com 2024-04-29
domain usps-lookup.com 2024-04-29
domain usps-mlpackage.com 2024-04-29
domain usps-post.today 2024-04-29
domain usps-post.vip 2024-04-29
domain usps-post.world 2024-04-29
domain usps-postoffices.top 2024-04-29
domain usps-pst.xyz 2024-04-29
domain usps-shop.shop 2024-04-29
domain usps-shopusa.shop 2024-04-29
domain usps-stampservice.com 2024-04-29
domain usps.solutions 2024-04-29
domain uspsaps.top 2024-04-29
domain uspshelp.store 2024-04-29
domain uspshelp.vip 2024-04-29
domain uspsos.com 2024-04-29
domain uspspost.me 2024-04-29
domain uspspostoffice.top 2024-04-29
domain uspspostoffices.top 2024-04-29
domain uspsposts.com 2024-04-29
hostname tools.usps-lookup.com 2024-04-29
hostname us.ps393.com 2024-04-29
hostname usps.parceltracker-us.com 2024-04-29
References (1)
↗ https://www.akamai.com/blog/security-research/2024/apr/phishing-usps-malicious-domains-traffic-equal-to-legitimate-traffic