Marko Polo Navigates Uncharted Waters with Infostealer Empire
TLP: WHITE | Marko Polo | AlienVault | Created: 2024-09-17 | Modified: 2024-11-06
129 IOCs (high volume)
An analysis has uncovered a highly adaptable cybercriminal group, codenamed 'Marko Polo', that runs sophisticated scams using information-stealing malware to target individuals and organizations globally. The group operates primarily through social media, impersonating legitimate brands in sectors such as online gaming, virtual meetings, productivity software, and cryptocurrency. Its operation spans over 30 distinct scams, 50 malware payloads, numerous malicious domains, and hundreds of fraudulent social media accounts. The campaign has likely compromised tens of thousands of devices globally, exposing sensitive personal and corporate data and putting consumer privacy and business continuity at risk, while generating substantial illicit revenue.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
Stealc, Rhadamanthys, HijackLoader
Indicators of Compromise (129)