← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Tracking Candirus DevilsTongue Spyware in Multiple Countries.
Insikt Group reported discovery of new infrastructure associated with eight Candiru-linked clusters, specifically infrastructure used to deploy and control the DevilsTongue spyware as well as higher-tier operator infrastructure. The finding indicates active expansion or maintenance of a multi-cluster operational footprint that separates initial delivery/deployment mechanisms from command-and-control and operator management layers.
Indicators of Compromise (115)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | e33cfc9e285729c09e77df9e426587ab | MD5 of 255869de85e2a171993fc5eb8a556d873a1b8966e040f6f55926f2fa2d595cc8 | 2025-08-19 | |
| FileHash-SHA1 | 25dcd94d688ecdb800157378dbae03f30b2a8ba4 | SHA1 of 255869de85e2a171993fc5eb8a556d873a1b8966e040f6f55926f2fa2d595cc8 | 2025-08-19 | |
| FileHash-SHA256 | 255869de85e2a171993fc5eb8a556d873a1b8966e040f6f55926f2fa2d595cc8 | — | 2025-08-19 | |
| URL | http://104.207.153.0 | — | 2025-08-19 | |
| domain | ambiguouscommerce.com | — | 2025-08-19 | |
| domain | antperspective.com | — | 2025-08-19 | |
| domain | aperturebelt.com | — | 2025-08-19 | |
| domain | asknapkin.com | — | 2025-08-19 | |
| domain | barnsecret.com | — | 2025-08-19 | |
| domain | baseagriculture.com | — | 2025-08-19 | |
| domain | basicstraw.com | — | 2025-08-19 | |
| domain | basinapposite.com | — | 2025-08-19 | |
| domain | beneathbreadth.com | — | 2025-08-19 | |
| domain | bizarreclassify.com | — | 2025-08-19 | |
| domain | blockroster.net | — | 2025-08-19 | |
| domain | bondmuscle.com | — | 2025-08-19 | |
| domain | breadgroomer.com | — | 2025-08-19 | |
| domain | bronzemonth.com | — | 2025-08-19 | |
| domain | browniebell.com | — | 2025-08-19 | |
| domain | bypassbirch.com | — | 2025-08-19 | |
| domain | bypasscalculate.com | — | 2025-08-19 | |
| domain | bypasscommerce.com | — | 2025-08-19 | |
| domain | calmbase.org | — | 2025-08-19 | |
| domain | cartoondrop.net | — | 2025-08-19 | |
| domain | chickenstrawberry.com | — | 2025-08-19 | |
| domain | citecivilization.com | — | 2025-08-19 | |
| domain | closetmeat.com | — | 2025-08-19 | |
| domain | commonclever.com | — | 2025-08-19 | |
| domain | concretebottle.com | — | 2025-08-19 | |
| domain | conquerconfess.com | — | 2025-08-19 | |
| domain | containsnow.com | — | 2025-08-19 | |
| domain | contradictionblindness.com | — | 2025-08-19 | |
| domain | convincechaotic.com | — | 2025-08-19 | |
| domain | cooperatedisinfect.net | — | 2025-08-19 | |
| domain | cottonbread.com | — | 2025-08-19 | |
| domain | cranberrybear.com | — | 2025-08-19 | |
| domain | cropcritique.com | — | 2025-08-19 | |
| domain | crossoverdue.com | — | 2025-08-19 | |
| domain | damageconsider.com | — | 2025-08-19 | |
| domain | deardrill.com | — | 2025-08-19 | |
| domain | dediccatedconsideration.com | — | 2025-08-19 | |
| domain | deducedefend.com | — | 2025-08-19 | |
| domain | deliverconcern.net | — | 2025-08-19 | |
| domain | densefoot.com | — | 2025-08-19 | |
| domain | desireeclipse.com | — | 2025-08-19 | |
| domain | detaincharity.net | — | 2025-08-19 | |
| domain | deterdiffusion.com | — | 2025-08-19 | |
| domain | devotionbelief.com | — | 2025-08-19 | |
| domain | dfuture.com | — | 2025-08-19 | |
| domain | distractionfar.com | — | 2025-08-19 | |
| domain | drivesplash.com | — | 2025-08-19 | |
| domain | drummerjourney.com | — | 2025-08-19 | |
| domain | dumplingbell.com | — | 2025-08-19 | |
| domain | electric-prime.com | — | 2025-08-19 | |
| domain | elifluousscintillam.com | — | 2025-08-19 | |
| domain | eminententwine.com | — | 2025-08-19 | |
| domain | exhibitexpanse.com | — | 2025-08-19 | |
| domain | fallaciousessential.net | — | 2025-08-19 | |
| domain | fearevolve.com | — | 2025-08-19 | |
| domain | fileswaper.com | — | 2025-08-19 | |
| domain | finalsalami.com | — | 2025-08-19 | |
| domain | flexibleelevator.com | — | 2025-08-19 | |
| domain | foamdirection.com | — | 2025-08-19 | |
| domain | forecastgarden.com | — | 2025-08-19 | |
| domain | goatsandals.com | — | 2025-08-19 | |
| domain | golfconcert.com | — | 2025-08-19 | |
| domain | groundbreakinginitative.com | — | 2025-08-19 | |
| domain | guitarcalculate.com | — | 2025-08-19 | |
| domain | hostilefauna.com | — | 2025-08-19 | |
| domain | integrity-labs.ltd | — | 2025-08-19 | |
| domain | isolatelecture.com | — | 2025-08-19 | |
| domain | jellybat.net | — | 2025-08-19 | |
| domain | jobmarcher.com | — | 2025-08-19 | |
| domain | journeyjest.net | — | 2025-08-19 | |
| domain | kartingrumble.com | — | 2025-08-19 | |
| domain | labyrinthextravagance.org | — | 2025-08-19 | |
| domain | leafconfuse.net | — | 2025-08-19 | |
| domain | lessonhandle.com | — | 2025-08-19 | |
| domain | macrodrop.net | — | 2025-08-19 | |
| domain | macromint.net | — | 2025-08-19 | |
| domain | maturitygenesis.com | — | 2025-08-19 | |
| domain | measurecabin.com | — | 2025-08-19 | |
| domain | mushroompalm.com | — | 2025-08-19 | |
| domain | notableexam.org | — | 2025-08-19 | |
| domain | notionnowadays.com | — | 2025-08-19 | |
| domain | outdooutcome.com | — | 2025-08-19 | |
| domain | parkourbus.com | — | 2025-08-19 | |
| domain | patternperiod.com | — | 2025-08-19 | |
| domain | penslice.com | — | 2025-08-19 | |
| domain | pepperdominate.com | — | 2025-08-19 | |
| domain | prawnbasket.com | — | 2025-08-19 | |
| domain | predictproper.com | — | 2025-08-19 | |
| domain | pressaviation.com | — | 2025-08-19 | |
| domain | profligatecensure.com | — | 2025-08-19 | |
| domain | rollstrech.com | — | 2025-08-19 | |
| domain | romancedrum.com | — | 2025-08-19 | |
| domain | sacrificeprincipal.net | — | 2025-08-19 | |
| domain | salmonpride.net | — | 2025-08-19 | |
| domain | scoreparade.com | — | 2025-08-19 | |
| domain | selectedpazzle.com | — | 2025-08-19 | |
| domain | shareitwork.com | — | 2025-08-19 | |
| domain | signifyslight.com | — | 2025-08-19 | |
| domain | spongefruit.com | — | 2025-08-19 | |
| domain | stablesurface.com | — | 2025-08-19 | |
| domain | strangegarden.org | — | 2025-08-19 | |
| domain | stylebrakedown.com | — | 2025-08-19 | |
| domain | suggestutterly.com | — | 2025-08-19 | |
| domain | sunsetpotential.com | — | 2025-08-19 | |
| domain | tacticscheap.net | — | 2025-08-19 | |
| domain | tidalscreen.com | — | 2025-08-19 | |
| domain | tubeshape.com | — | 2025-08-19 | |
| domain | ultimatematter.info | — | 2025-08-19 | |
| domain | velvetpremier.com | — | 2025-08-19 | |
| domain | windomination.com | — | 2025-08-19 | |
| hostname | segawoncimengttd.yogifzvpnganteng.web.id | — | 2025-08-19 |