← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Infrastructure Laundering: Silent Push Exposes Cloudy Behavior Around FUNNULL CDN Renting IPs from Big Tech - Silent Push
WHITE CyberHunter_NL 2025-02-04 Modified: 2025-03-06
12
IOCs
MEDIUM VOLUME
A growing criminal practice known as infrastructure laundering has been uncovered by security analysts Silent Push, who have uncovered large-scale use by threat actors such as Amazon, Microsoft and Amazon to rent IP addresses from mainstream providers.
funnullfunnull cdnamazoncnamesilent pushmicrosoftpushbwintriad nexuslaunderingfindcrimefebruaryjunetiffanypriorconceptattackclick
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (12)
All domain hostname
TYPEINDICATORDESCRIPTIONCREATED
domain b69885.com 2025-02-04
domain cmegrouphkpd.info 2025-02-04
domain coroexchange.com 2025-02-04
domain fn03.vip 2025-02-04
domain fn301.vip 2025-02-04
domain fnvip100.com 2025-02-04
domain funnull.vip 2025-02-04
domain funnull01.vip 2025-02-04
domain funnull100.com 2025-02-04
hostname 0e6de73d2.n.fnvip100.com 2025-02-04
hostname 6ce0a6db.u.fn03.vip 2025-02-04
hostname bonanza.jdfraa.com 2025-02-04
References (1)
↗ https://www.silentpush.com/blog/infrastructure-laundering/