{ "type": "Domain", "indicator": "hardwarecloseout.com", "general": { "sections": [ "general", "geo", "url_list", "passive_dns", "malware", "whois", "http_scans" ], "whois": "http://whois.domaintools.com/hardwarecloseout.com", "alexa": "http://www.alexa.com/siteinfo/hardwarecloseout.com", "indicator": "hardwarecloseout.com", "type": "domain", "type_title": "Domain", "validation": [], "base_indicator": { "id": 3551861610, "indicator": "hardwarecloseout.com", "type": "domain", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 9, "pulses": [ { "id": "63244fc3c3191df7eeddff72", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "MalwareBytes has tracked and observed a malvertising campaign on the Microsoft Edge News Feed used to redirect victims to tech support scam pages. The scheme is simple and relies on threat actors inserting their advertisements on the Edge home page and trying to lure users with shocking or bizarre stories.", "modified": "2022-09-16T10:28:18.390000", "created": "2022-09-16T10:28:18.390000", "tags": [ "scam", "malvertising" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 487, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "AlienVault", "id": "2", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_2/resized/80/avatar_dacfad0ca8.png", "is_subscribed": true, "is_following": false }, "indicator_type_counts": { "domain": 33 }, "indicator_count": 33, "is_author": false, "is_subscribing": null, "subscriber_count": 386515, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6328898ba74ca82022928002", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "The Malwarebytes logo has been added to the list of products available on the web, as part of Microsoft's \"Smart Security Day\" on Thursday. \u00c2\u00a31.5m", "modified": "2022-09-19T15:23:55.572000", "created": "2022-09-19T15:23:55.572000", "tags": [ "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "email": 1, "domain": 33 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 863, "modified_text": "1349 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63250cdc2583cb5063831ec9", "name": "Malvertising on News Feed Pushes Tech Support Scams", "description": "", "modified": "2022-09-16T23:55:08.138000", "created": "2022-09-16T23:55:08.138000", "tags": [ "Malvertising", "MalSpam", "TechScam", "T1190", "OSINT" ], "references": [ "https://community.riskiq.com/article/47fb44d2" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunterAutoFeed", "id": "182496", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_182496/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 34 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 1621, "modified_text": "1352 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63249d96f9a62ac958bd9d24", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "The Malwarebytes logo has been added to the list of products available on the web, as part of Microsoft's \"Smart Security Day\" on Thursday. \u00c2\u00a31.5m", "modified": "2022-09-16T16:00:20.881000", "created": "2022-09-16T16:00:20.881000", "tags": [ "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Cyber74Team", "id": "202637", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_202637/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 34 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 164, "modified_text": "1352 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63244626028d6fbe816f5cd5", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "The Malwarebytes logo has been added to the list of products available on the web, as part of Microsoft's \"Smart Security Day\" on Thursday. \u00c2\u00a31.5m", "modified": "2022-09-16T09:47:18.465000", "created": "2022-09-16T09:47:18.465000", "tags": [ "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 34 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 864, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6323e60242db3d7725b26192", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "Here's a look at some of the best tweets from the past 12 months, as well as the top ones from Twitter and other social media sites, including Facebook, Twitter, Instagram and Instagram.", "modified": "2022-09-16T02:57:06.048000", "created": "2022-09-16T02:57:06.048000", "tags": [ "mbthreatintel", "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns", "help center", "please", "service privacy", "policy cookie", "policy imprint", "ads info", "twitter" ], "references": [ "https://twitter.com/MBThreatIntel/status/1570459816124116994", "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 10, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "mohdrennis", "id": "138092", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 33 }, "indicator_count": 33, "is_author": false, "is_subscribing": null, "subscriber_count": 354, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6323d5bd8e6f903e4da0f406", "name": "Microsoft Edge\u2019s News Feed ads abused for tech support scams", "description": "", "modified": "2022-09-16T01:47:41.144000", "created": "2022-09-16T01:47:41.144000", "tags": [], "references": [ "September 16th, 2022 - CryptoGen Cyber Threat Intelligence - Microsoft Edge\u2019s News Feed ads abused for tech support scams.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "cryptocti", "id": "110256", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_110256/resized/80/avatar_e237a4257c.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 34 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 499, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6323bae0195922089ecf659a", "name": "Twitter Feed - MBThreatIntel - 15-09-2022", "description": "", "modified": "2022-09-15T23:53:04.237000", "created": "2022-09-15T23:53:04.237000", "tags": [], "references": [ "https://twitter.com/MBThreatIntel/status/1570460073058766848", "https://twitter.com/MBThreatIntel/status/1570460074270928897", "https://twitter.com/MBThreatIntel/status/1570510541168472065" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunterAutoFeed", "id": "182496", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_182496/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 18 }, "indicator_count": 18, "is_author": false, "is_subscribing": null, "subscriber_count": 1621, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6323666a9925bb0ab513c187", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "", "modified": "2022-09-15T17:54:07.059000", "created": "2022-09-15T17:52:42.024000", "tags": [ "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns", "tech support scam" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" }, { "id": "T1219", "name": "Remote Access Software", "display_name": "T1219 - Remote Access Software" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "_Cyberfish", "id": "206993", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 33 }, "indicator_count": 33, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam", "https://community.riskiq.com/article/47fb44d2", "https://twitter.com/MBThreatIntel/status/1570510541168472065", "https://twitter.com/MBThreatIntel/status/1570460073058766848", "https://twitter.com/MBThreatIntel/status/1570459816124116994", "September 16th, 2022 - CryptoGen Cyber Threat Intelligence - Microsoft Edge\u2019s News Feed ads abused for tech support scams.pdf", "https://twitter.com/MBThreatIntel/status/1570460074270928897" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [] }, "other": { "adversary": [], "malware_families": [], "industries": [] } } }, "false_positive": [] }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 9, "pulses": [ { "id": "63244fc3c3191df7eeddff72", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "MalwareBytes has tracked and observed a malvertising campaign on the Microsoft Edge News Feed used to redirect victims to tech support scam pages. The scheme is simple and relies on threat actors inserting their advertisements on the Edge home page and trying to lure users with shocking or bizarre stories.", "modified": "2022-09-16T10:28:18.390000", "created": "2022-09-16T10:28:18.390000", "tags": [ "scam", "malvertising" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 487, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "AlienVault", "id": "2", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_2/resized/80/avatar_dacfad0ca8.png", "is_subscribed": true, "is_following": false }, "indicator_type_counts": { "domain": 33 }, "indicator_count": 33, "is_author": false, "is_subscribing": null, "subscriber_count": 386515, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6328898ba74ca82022928002", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "The Malwarebytes logo has been added to the list of products available on the web, as part of Microsoft's \"Smart Security Day\" on Thursday. \u00c2\u00a31.5m", "modified": "2022-09-19T15:23:55.572000", "created": "2022-09-19T15:23:55.572000", "tags": [ "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "email": 1, "domain": 33 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 863, "modified_text": "1349 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63250cdc2583cb5063831ec9", "name": "Malvertising on News Feed Pushes Tech Support Scams", "description": "", "modified": "2022-09-16T23:55:08.138000", "created": "2022-09-16T23:55:08.138000", "tags": [ "Malvertising", "MalSpam", "TechScam", "T1190", "OSINT" ], "references": [ "https://community.riskiq.com/article/47fb44d2" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunterAutoFeed", "id": "182496", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_182496/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 34 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 1621, "modified_text": "1352 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63249d96f9a62ac958bd9d24", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "The Malwarebytes logo has been added to the list of products available on the web, as part of Microsoft's \"Smart Security Day\" on Thursday. \u00c2\u00a31.5m", "modified": "2022-09-16T16:00:20.881000", "created": "2022-09-16T16:00:20.881000", "tags": [ "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Cyber74Team", "id": "202637", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_202637/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 34 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 164, "modified_text": "1352 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "63244626028d6fbe816f5cd5", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "The Malwarebytes logo has been added to the list of products available on the web, as part of Microsoft's \"Smart Security Day\" on Thursday. \u00c2\u00a31.5m", "modified": "2022-09-16T09:47:18.465000", "created": "2022-09-16T09:47:18.465000", "tags": [ "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunter_NL", "id": "171283", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_171283/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 34 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 864, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6323e60242db3d7725b26192", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "Here's a look at some of the best tweets from the past 12 months, as well as the top ones from Twitter and other social media sites, including Facebook, Twitter, Instagram and Instagram.", "modified": "2022-09-16T02:57:06.048000", "created": "2022-09-16T02:57:06.048000", "tags": [ "mbthreatintel", "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns", "help center", "please", "service privacy", "policy cookie", "policy imprint", "ads info", "twitter" ], "references": [ "https://twitter.com/MBThreatIntel/status/1570459816124116994", "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 10, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "mohdrennis", "id": "138092", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 33 }, "indicator_count": 33, "is_author": false, "is_subscribing": null, "subscriber_count": 354, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6323d5bd8e6f903e4da0f406", "name": "Microsoft Edge\u2019s News Feed ads abused for tech support scams", "description": "", "modified": "2022-09-16T01:47:41.144000", "created": "2022-09-16T01:47:41.144000", "tags": [], "references": [ "September 16th, 2022 - CryptoGen Cyber Threat Intelligence - Microsoft Edge\u2019s News Feed ads abused for tech support scams.pdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 3, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "cryptocti", "id": "110256", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_110256/resized/80/avatar_e237a4257c.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 34 }, "indicator_count": 34, "is_author": false, "is_subscribing": null, "subscriber_count": 499, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6323bae0195922089ecf659a", "name": "Twitter Feed - MBThreatIntel - 15-09-2022", "description": "", "modified": "2022-09-15T23:53:04.237000", "created": "2022-09-15T23:53:04.237000", "tags": [], "references": [ "https://twitter.com/MBThreatIntel/status/1570460073058766848", "https://twitter.com/MBThreatIntel/status/1570460074270928897", "https://twitter.com/MBThreatIntel/status/1570510541168472065" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 2, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "api", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "CyberHunterAutoFeed", "id": "182496", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_182496/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 18 }, "indicator_count": 18, "is_author": false, "is_subscribing": null, "subscriber_count": 1621, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 }, { "id": "6323666a9925bb0ab513c187", "name": "Malvertising on Microsoft Edge's News Feed pushes tech support scams", "description": "", "modified": "2022-09-15T17:54:07.059000", "created": "2022-09-15T17:52:42.024000", "tags": [ "microsoft edge", "news feed", "google chrome", "chromium source", "edge home", "technical", "taboola ad", "base64", "javascript", "vpns", "tech support scam" ], "references": [ "https://www.malwarebytes.com/blog/threat-intelligence/2022/09/microsoft-edges-news-feed-pushes-tech-support-scam" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" }, { "id": "T1219", "name": "Remote Access Software", "display_name": "T1219 - Remote Access Software" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 5, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "_Cyberfish", "id": "206993", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 33 }, "indicator_count": 33, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "1353 days ago ", "is_modified": false, "groups": [], "in_group": false, "threat_hunter_scannable": false, "threat_hunter_has_agents": 1, "related_indicator_type": "domain", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "hardwarecloseout.com", "type": "Domain" }, "abuseipdb": null, "urlhaus": { "indicator": "hardwarecloseout.com", "found": false, "verdict": "clean", "urls": [], "error": null }, "from_cache": true, "_cached_at": 1780224535.613984 }