IOC&TTP - Satori Threat Intelligence Disruption BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes
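HUMAN's Satori Threat Intelligence team recently discovered and partially disrupted a large-scale online fraud operation named BADBOX 2.0. The operation is an upgraded version of the 2023 BADBOX operation and is considered the largest connected TV (CTV) botnet discovered to date, involving more than 1 million consumer electronic devices. BADBOX 2.0 implants a backdoor on low-cost Android Open Source Project (AOSP) devices, allowing attackers to remotely deploy fraud modules used for ad fraud, click fraud, DDoS attacks, malware distribution, and even using the devices as part of a residential proxy service.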