← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
SocGholish Malware Exploits TDS Networks to Target Victims
Cybercriminals behind SocGholish malware are using Traffic Distribution Systems (TDS) like Parrot TDS and Keitaro TDS to filter and redirect victims to malicious sites.
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| URL | http://cpanel.santechplumbing.com/profileLayout | — | 2025-08-10 | |
| URL | http://rapiddevapi.com/M3P2n8Uaz6wsh7s2fgSRwIiSadn4Wz1fNsRbVwXrW | — | 2025-08-10 | |
| URL | https://cp.envisionfonddulac.biz/vk009sVvV5/ | — | 2025-08-10 | |
| domain | balancedapproachk9.com | — | 2025-08-10 | |
| domain | bigbricks.org | — | 2025-08-10 | |
| domain | biggerfun.org | — | 2025-08-10 | |
| domain | blacksaltys.com | — | 2025-08-10 | |
| domain | cancelledfirestarter.org | — | 2025-08-10 | |
| domain | catsndogz.org | — | 2025-08-10 | |
| domain | climedballon.org | — | 2025-08-10 | |
| domain | cloudwebhub.pro | — | 2025-08-10 | |
| domain | codecruncher.pro | — | 2025-08-10 | |
| domain | daddygarages.org | — | 2025-08-10 | |
| domain | dailytickyclock.org | — | 2025-08-10 | |
| domain | deeptrickday.org | — | 2025-08-10 | |
| domain | gitomer.com | — | 2025-08-10 | |
| domain | keitaro.io | — | 2025-08-10 | |
| domain | leatherbook.org | — | 2025-08-10 | |
| domain | packedbrick.com | — | 2025-08-10 | |
| domain | rapiddevapi.com | — | 2025-08-10 | |
| domain | searchgear.pro | — | 2025-08-10 | |
| domain | webapiintegration.cloud | — | 2025-08-10 | |
| hostname | billing.roofnrack.us | — | 2025-08-10 | |
| hostname | cp.envisionfonddulac.biz | — | 2025-08-10 | |
| hostname | cpanel.santechplumbing.com | — | 2025-08-10 | |
| hostname | customer.thewayofmoney.us | — | 2025-08-10 | |
| hostname | docs.nynovation.com | — | 2025-08-10 | |
| hostname | download.romeropizza.com | — | 2025-08-10 | |
| hostname | images.therunningink.com | — | 2025-08-10 | |
| hostname | mgmt.studerandson.us | — | 2025-08-10 | |
| hostname | publication.garyjobeferguson.com | — | 2025-08-10 | |
| hostname | source.scriptsafedata.com | — | 2025-08-10 | |
| hostname | store.alignfrisco.com | — | 2025-08-10 | |
| hostname | trust.scriptobject.com | — | 2025-08-10 | |
| hostname | virtual.urban-orthodontics.com | — | 2025-08-10 | |
| hostname | www.teatree.si | — | 2025-08-10 |
References (1)