← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Threat Intelligence | Analysis of Token Vesting Phishing Poisoning
WHITE CyberHunter_NL 2026-02-04 Modified: 2026-03-06
9
IOCs
LOW VOLUME
A targeted attack on the macOS operating system, using a disguised AppleScript, has been uncovered by researchers at the Chainbase Lab and the SlowMist security team, who are working with them to identify and identify the attackers.
applescriptchainbaseauditcontroljanuaryunited nationsintelligenceanalysistoken vestingmin read2phishingterminaldesktopcrypto
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (9)
All FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 0f1e457488fe799dee7ace7e1bc2df4c1793245f334a4298035652ebeb249414 2026-02-04
FileHash-SHA256 3e4d35903c51db3da8d4bd77491b5c181b7361aaf152609d03a1e2bb86faee43 2026-02-04
FileHash-SHA256 f9e0376114c57d659025ceb46f1ef48aa80b8af5909b2de0cf80e88040fef345 2026-02-04
URL https://sevrrhst.com/css/controller.php 2026-02-04
URL https://sevrrhst.com/inc/register.php 2026-02-04
domain bhex.sg 2026-02-04
domain sevrrhst.com 2026-02-04
domain stomcs.com 2026-02-04
domain tattomc.com 2026-02-04
References (1)
↗ https://slowmist.medium.com/threat-intelligence-analysis-of-token-vesting-phishing-poisoning-50f39f5b9718