← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Device Isolation: Lumen Technologies | Palantir and ‘Boots on the Ground Operations’
Device Isolation: Lumen Technologies (formerly CenturyLink) deployed as an admin on iOS devices. Standard factory resets may prove ineffective. Complete hardware "air-gap" or clean devices that have never touched your home network may be best option for deeply monitored targets.
Summary of the Campaign:
The involvement of Lumen Technologies (as an unwanted admin), Foundry (Palantir) for data mapping, and Mirai Botnet for network disruption represents a "scorched earth" approach to digital destruction. Target treated as a criminal through Cellebrite, implicates specific attackers attempted to legalize what was actually a predatory stalking campaign/s.
Surveillance Overlap: The use of Lumen Technologies and Palantir, tools allows for real-time tracking of a target's physical location—explains how ‘boots on the ground’ offenders can stalk , surveillance , confront, assault and engage in various damaging attacks of specific monitored targets.
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Trojan.Tofsee/Botx
ALF:JASYP:Trojan:Win32/IRCbot!atmn
PWS:Win32/Axespec.A
Worm:Win32/Lightmoon.H
Indicators of Compromise (102 / 9592 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 8750c5fa265082dd633c8ca5528c776f | MD5 of d2cf4ad96bc91113fd47d73a952b6f2af5a34b76 | 2026-01-30 | |
| FileHash-MD5 | 0483d21ffc26663cc5f1b111b3606bc0 | MD5 of 3d48d9b6654103fb71a184a93be9a1b4bd5b65a5 | 2026-01-30 | |
| FileHash-MD5 | 04e3cc8a9641b3f9f9c9370f4e9b5bdd | — | 2026-01-30 | |
| FileHash-MD5 | 1f61cf5982cf88cf209a66afd55b5378 | — | 2026-01-30 | |
| FileHash-MD5 | 319286b0b1094c5d804c9740e839e0b2 | — | 2026-01-30 | |
| FileHash-MD5 | 410352dc0ff7501b16f0028eba6f45c5 | MD5 of dac9024f54d8f6df94935fb1732638ca6ad77c13 | 2026-01-30 | |
| FileHash-MD5 | 4f914d6a12b48374677859978d3def97 | — | 2026-01-30 | |
| FileHash-MD5 | 53adf8827a83d37784c046c24c7bb383 | — | 2026-01-30 | |
| FileHash-MD5 | 56e3906f95a44c8e5772e8de9308498e | — | 2026-01-30 | |
| FileHash-MD5 | 5746bd7e255dd6a8afa06f7c42c1ba41 | MD5 of db06c3534964e3fc79d2763144ba53742d7fa250ca336f4a0fe724b75aaff386 | 2026-01-30 | |
| FileHash-MD5 | 5ef26b5e47e6951f43ecf2b1fc645222 | — | 2026-01-30 | |
| FileHash-MD5 | 6df1787c4be82d1bb24f8bffa10c7738 | MD5 of 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a | 2026-01-30 | |
| FileHash-MD5 | 79ad2484c667423b4760722b91ebe7a9 | — | 2026-01-30 | |
| FileHash-MD5 | 7b58032c5f7af3e2c8b428defdaab7d1 | — | 2026-01-30 | |
| FileHash-MD5 | 8886e0697b0a93c521f99099ef643450 | MD5 of d73f7ee4e6e992a618d02580bdbf4fd6ba7c683d110928001092f4073341e95f | 2026-01-30 | |
| FileHash-MD5 | 89c7d3ea00aa3ac83688823d947e2706 | — | 2026-01-30 | |
| FileHash-MD5 | 94308059b57b3142e455b38a6eb92015 | — | 2026-01-30 | |
| FileHash-MD5 | b0e447cb0cc0023da0a5303de75cda9a | — | 2026-01-30 | |
| FileHash-MD5 | b3ff7907a0727dc54093444c63fc9d27 | — | 2026-01-30 | |
| FileHash-MD5 | b9103d9d134e0c59cafbe4ae0a8299a8 | — | 2026-01-30 | |
| FileHash-MD5 | c613e69c3b191bb02c7a191741a1d024 | MD5 of e285feeca968b3ca22017a64363eea5e69ccd519696671df523291b089597875 | 2026-01-30 | |
| FileHash-MD5 | d1b5327b684c71aa96c517032dd64a56 | — | 2026-01-30 | |
| FileHash-MD5 | 411b93904e0e5f593b721320e97e80ff | — | 2026-01-30 | |
| FileHash-MD5 | 7e6279197deece56194574eea5d0a915 | — | 2026-01-30 | |
| FileHash-MD5 | a8c1e0b9f5696ef0e48a8acd89e7859d | — | 2026-01-30 | |
| FileHash-MD5 | bb1a92d510a45746dbc2c240fcb3c697 | — | 2026-01-30 | |
| FileHash-MD5 | 0f40c02976e6f28f51a0bba840731e04 | — | 2026-01-30 | |
| FileHash-MD5 | 22070c8a38d664113ff71a6539af65de | — | 2026-01-30 | |
| FileHash-MD5 | 09d9983cdf9197be1d0e89bb0a4554d9 | MD5 of 0ca54c5ef31c3734d3db76844df48dec8e06a519 | 2026-01-30 | |
| FileHash-MD5 | 219e14cbb2a95c947bb60dcc253a48bf | MD5 of 76cc684a36e6a6b749f8d0bba0a6db1186612512 | 2026-01-30 | |
| FileHash-MD5 | 26fabb16cc3ed6cc27f6e44ed6f7a7fd | MD5 of 69d5db8e07c1aa4867c7576e5195d29c2c83e310 | 2026-01-30 | |
| FileHash-MD5 | 5262659c7580b7995ab6ac706006e9b8 | MD5 of 5f318f98f625192d40f8b044a3ae8c8b44d289fc | 2026-01-30 | |
| FileHash-MD5 | 5625f9d8b7d5f3473c2922acb80570bd | MD5 of 397e5dce0d96f77817369ae9ae57c70739d964e3 | 2026-01-30 | |
| FileHash-MD5 | 701174fcdcf1dbd46d299b3cdbdd2203 | MD5 of a6513065fd1ff81f6befaf811b1363b1215cac1f | 2026-01-30 | |
| FileHash-MD5 | 71063f4c12eb842455680de8905133ea | MD5 of 399b783ff2bd2daf2bb7ea2bccc5f02b5a25394b | 2026-01-30 | |
| FileHash-MD5 | 81c03f0b8703f7aaea3871218dca6952 | MD5 of aacf02ded907b232b01ff887f82f80d58c6a401a | 2026-01-30 | |
| FileHash-MD5 | 8bd13da345df541264fa2a3588c40712 | MD5 of a0477c0887e9fd228f72ca72fc7d3927d785a60a | 2026-01-30 | |
| FileHash-MD5 | 90f15564dba0ffb596dceea8c4d51225 | MD5 of aa8024649f547ba6312cc35d976ef702a1c75875 | 2026-01-30 | |
| FileHash-MD5 | 98ba92be656a52cb07e9d16cc014eec0 | MD5 of 359a7e7d917582dd1f24e91beb66bacb924dff55 | 2026-01-30 | |
| FileHash-MD5 | af14e3bee0453b5736aab2d4d781322b | MD5 of 58a3b78f651afbaa70192a5b9d4bdd0e923b1b9f | 2026-01-30 | |
| FileHash-MD5 | be09793130e77f3125788b7bd86fbf83 | MD5 of 37bf5045f518b451e730a5c6784406d2d110c2bc | 2026-01-30 | |
| FileHash-MD5 | bf84f1bf414fa642b18a8575f7dbd723 | MD5 of 79e40a637f50d8b60b628832686d753ff29b6f82 | 2026-01-30 | |
| FileHash-MD5 | c3d6bbdd587830df28fabe09c6486164 | MD5 of ae384940b7b5aa91c5fb01428f3ad4245e29b164 | 2026-01-30 | |
| FileHash-MD5 | c89ce1a47a5f0b37ef7257395d9862c4 | MD5 of 9433291221504ff296f541ae4ff9394143e35ad7 | 2026-01-30 | |
| FileHash-MD5 | 4ef7a70418d6ab06cd90533121847cee | MD5 of 0d91e274ffd85d8e496a42f9db0644a437292d2fc0debf48c069747a601a1374 | 2026-01-30 | |
| FileHash-MD5 | 703f6433498bbd015d8c3ce770995576 | MD5 of 972f4a47131c045fe3fa7fb360832c3fd627fa5fe906495d8031073124700a2a | 2026-01-30 | |
| FileHash-MD5 | 7c20684cc97a4c3416f0c0509fa189bc | MD5 of 0e829d52f3be006aa0929f8a915cad62e7596e2ace65b05b3154d2e578399581 | 2026-01-30 | |
| FileHash-MD5 | 956ce7c04b2ad65bd6d236911e36b7c7 | MD5 of 3a59f4dc26d6d039b4da331c599b95d2d6732d2c5a51a96084c7c0b90f2e8289 | 2026-01-30 | |
| FileHash-MD5 | c7a5c18a7785b31a2979761537a5adbb | MD5 of 2e22c4938e4342b21f6aa4b85edc9760a9106793fbd595c7ba51786529ff513c | 2026-01-30 | |
| FileHash-MD5 | ccde59c76191188719db04296dfc6c0c | MD5 of b272660bf939bc6e9bcd515f33cf05c565158912cd550d618b421a4f59a0869e | 2026-01-30 | |
| FileHash-MD5 | 010b7b1e716e3d582624544d901b9bfb | — | 2026-01-30 | |
| FileHash-MD5 | 04be5c4cdbe497024f1bd08c63bd8458 | — | 2026-01-30 | |
| FileHash-MD5 | 061e15ee2f48382baa304578cfee94c2 | — | 2026-01-30 | |
| FileHash-MD5 | 0e528d000aad58b255c1cf8fd0bb1089 | — | 2026-01-30 | |
| FileHash-MD5 | 165e29568172e2adf60ac1c5a7c3a456 | MD5 of 366e375bcfea07aad9c3757bd25bd6d4d870c29e18438b99429aed74a4197151 | 2026-01-30 | |
| FileHash-MD5 | 1967fff0765ec457c392e55720f6ed58 | — | 2026-01-30 | |
| FileHash-MD5 | 44046c5c534afa265837eb2f62e2e020 | — | 2026-01-30 | |
| FileHash-MD5 | 5683a9ac680b81991709049bc64714a4 | — | 2026-01-30 | |
| FileHash-MD5 | 61460234f4fa2ee35c4407a3899ba274 | — | 2026-01-30 | |
| FileHash-MD5 | 64fc6e361e39f33535a0e3f3543e7033 | MD5 of 66bc1d0d22a3e9c6646c9d0e47c567d744ab6c6420f6c22698b0238bd7509de3 | 2026-01-30 | |
| FileHash-MD5 | 65a3ed6f11ee1ee326e040a1348e49c1 | — | 2026-01-30 | |
| FileHash-MD5 | 6a3b0f9ca939335c2a7ea09e39414a29 | — | 2026-01-30 | |
| FileHash-MD5 | 763cd3e07547cc361ff6031eabc929b4 | — | 2026-01-30 | |
| FileHash-MD5 | 8bfe4d858a6597fbace8649427ab5b6f | — | 2026-01-30 | |
| FileHash-MD5 | 8ca4099627e119424a3528ba7072b638 | — | 2026-01-30 | |
| FileHash-MD5 | 8d14544684b571225b799c2c3e0230a8 | — | 2026-01-30 | |
| FileHash-MD5 | 8e6e31f8df128a746ff9a3a38f8f78c0 | — | 2026-01-30 | |
| FileHash-MD5 | 9bb13aa4227f2b39a8f5fcdf50af24c3 | — | 2026-01-30 | |
| FileHash-MD5 | a4260054adbc4193f017fc97e7d79619 | — | 2026-01-30 | |
| FileHash-MD5 | a936686d286eaa5091339b6e6dc01a65 | — | 2026-01-30 | |
| FileHash-MD5 | aae78d09484809531f07ee45cb377771 | — | 2026-01-30 | |
| FileHash-MD5 | afc4f1b045476f92e0454b2b9e7a8084 | — | 2026-01-30 | |
| FileHash-MD5 | b07b9d914f28190a2a1dea452d67ca5a | — | 2026-01-30 | |
| FileHash-MD5 | b2de62a4698d8ea30dc200a35e6c2c3f | — | 2026-01-30 | |
| FileHash-MD5 | b3fae9d42ab12da6e120db26e71d2f06 | — | 2026-01-30 | |
| FileHash-MD5 | b72332bdfed16c4a3e091d0594575e5f | — | 2026-01-30 | |
| FileHash-MD5 | b8ae3c0c2aaa604b1d1c0e7aa368d7dc | MD5 of e4a426b2d1ef33379c496da3536f3700dfacda39f3edc666dd0795642584999d | 2026-01-30 | |
| FileHash-MD5 | ba781635c9597263ee69837c638cda20 | — | 2026-01-30 | |
| FileHash-MD5 | c2c497aaa61ee4a3f14827917511263c | — | 2026-01-30 | |
| FileHash-MD5 | c45652bcda3b11c1145b27ad6339f15f | — | 2026-01-30 | |
| FileHash-MD5 | d6643a59031846b489a759ae08d0f631 | — | 2026-01-30 | |
| FileHash-MD5 | d7a950fefd60dbaa01df2d85fefb3862 | — | 2026-01-30 | |
| FileHash-MD5 | de50a3f4bbe58560de508f445e9d2687 | MD5 of b58fdea0b5be1d0f046c433e0ae35c3e1af822b226438538013081f0846c443e | 2026-01-30 | |
| FileHash-MD5 | e0bbb3dadf51e4bae42e53ee8734d86a | — | 2026-01-30 | |
| FileHash-MD5 | e4cd776a3893852a84281da60556b092 | — | 2026-01-30 | |
| FileHash-MD5 | e5679586df3cc88475ec64ac264303c5 | — | 2026-01-30 | |
| FileHash-MD5 | efc5ec8c437f25fb9be303b2f2e5b3b4 | — | 2026-01-30 | |
| FileHash-MD5 | f2a3cd64739bc83dc342a579086f16db | — | 2026-01-30 | |
| FileHash-MD5 | f46cd52e2cf0978389248d701d3da105 | — | 2026-01-30 | |
| FileHash-MD5 | f5635de935e4e1e2abb2ab0184ba6bd1 | — | 2026-01-30 | |
| FileHash-MD5 | fcdeb8560c4c20cb02cad0f0aebb36d0 | — | 2026-01-30 | |
| FileHash-MD5 | 192b96fef33eed4ed0321af0076a0a87 | — | 2026-01-30 | |
| FileHash-MD5 | 44f452e865a4bb9220f58fcdea29283c | — | 2026-01-30 | |
| FileHash-MD5 | 5e3c7fecf648a47b0dfa4ab96c7a8650 | — | 2026-01-30 | |
| FileHash-MD5 | 7d4b238b5cfe33214f5e5cf8979111db | — | 2026-01-30 | |
| FileHash-MD5 | ad4e8f686c33f8542cd46be2322abb1b | — | 2026-01-30 | |
| FileHash-MD5 | c23a1e02152fc5129329d85f01816244 | — | 2026-01-30 | |
| FileHash-MD5 | caf8ad691e2dc7253c3e150b876b8594 | — | 2026-01-30 | |
| FileHash-MD5 | d90edc66f59b2bb187521ec40f180a6f | — | 2026-01-30 | |
| FileHash-MD5 | dd766a8919554837532b40d11d832452 | — | 2026-01-30 | |
| FileHash-MD5 | f206538373b001d26432000671b891ef | — | 2026-01-30 | |
| FileHash-MD5 | ec3ac70714d4b7500d3e7b517ed0a33a | — | 2026-01-30 |
References (32)
↗ ‘Lumen Technologies’ Acting as administrator of a targeted Apple IOS device
↗ Yare: compromised_site_redirector_fromcharcode
↗ Alerts: network_icmp nolookup_communication js_eval recon_fingerprint
↗ Alerts: console_output has_pdb pe_unknown_resource_name
↗ File Type PEXE - PE32+ executable (console) x86-64, for MS Windows ..
↗ Tipped: A targets AI and other cyber research findings.
↗ A ‘Target’ became a ‘Target’ vja close association to main Target of predatory retaliation campaign.
↗ track.spywarewatchdog.org • https://track.spywarewatchdog.org - monitoring software
↗ https://palapa.c.id (c.id)
↗ Containers-Pecorino.PalantirGov.com -pecorino.palantirgov.com
↗ cedevice.io • decagonsoftware.com
↗ http://applevless.dns-dynamic.net/ • dns-dynamic.net
↗ http://www.pcup.gov.ph/images/2018/pdf/ComEnBancReso/Commission_Resolution_07s2018.PDF
↗ pcup.gov.ph:
↗ http://www.pcup.gov.ph/images/pdf/Contract_of_SecurityServices2013.pdf pcup.gov.ph:
↗ https://pcup.gov.ph/375 pcup.gov.ph: | https://www.pcup.gov.ph/ pcup.gov.ph:
↗ https://elegantcosmedampyeah.pages.dev/
↗ https://www.ptv.vic.gov.au/more/travelling-on-the-network/lets-go/
↗ inst.govelopscold.com
↗ https://feedback.ptv.vic.gov.au/360
↗ nginx-php.7d4jelnf.trdlpbvl.sdp3.sdp.vic.gov.au
↗ nginx-php.standby.content-premier-vic-gov-au.sdp3.sdp.vic.gov.au
↗ https://hybrid-analysis.com/sample/a16d11910953b800369dbb667f178b3cc45cb8e3315217c0e6ceac68eeba206d
↗ https://brand.centurylinktechnology.com
↗ https://prod.centurylinktechnology.com
↗ https://brand2.centurylinktechnology.com
↗ https://mobile-pocket-guide.centurylinktechnology.com
↗ UPX_OEP_place
↗ Russia or Muskware? URL http://store.7box.vip/ad/C467F60A1AD6.Jpeg
↗ ASP. NET
↗ https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v4.0&appId=705930270206797&autoLogAppEvents=1 Akamai rank:
↗ 7box.vip