{ "type": "URL", "indicator": "https://support.apple.com/kb/HT208050.", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://support.apple.com/kb/HT208050.", "type": "url", "type_title": "URL", "validation": [ { "source": "alexa", "message": "Alexa rank: #45", "name": "Listed on Alexa" }, { "source": "akamai", "message": "Akamai rank: #2", "name": "Akamai Popular Domain" }, { "source": "whitelist", "message": "Whitelisted domain apple.com", "name": "Whitelisted domain" }, { "source": "majestic", "message": "Whitelisted domain apple.com", "name": "Whitelisted domain" }, { "source": "newssite", "message": "Whitelisted news domain apple.com", "name": "Whitelisted newssite network domain" } ], "base_indicator": { "id": 3980214746, "indicator": "https://support.apple.com/kb/HT208050.", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "6768cd2fdfe372564f3b3345", "name": "Jane Doe is Targeted by DragonForce.io", "description": "Apple has released details of a virus that can be traced to a server in the US, but which has not yet been identified or detected.. and the full list of details has been revealed.", "modified": "2025-02-21T00:58:00.403000", "created": "2024-12-23T02:38:39.269000", "tags": [ "summary", "engine version", "mb data", "start date", "movies", "pictures", "export", "ipv6s", "importcsv", "psobject", "filehashwl", "notin", "select", "date", "write" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "ilyailya", "id": "298851", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 18, "URL": 166, "hostname": 34, "FileHash-SHA256": 143, "FileHash-MD5": 20, "FileHash-SHA1": 20 }, "indicator_count": 401, "is_author": false, "is_subscribing": null, "subscriber_count": 32, "modified_text": "464 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66ef33ee4a7c08f8865721b3", "name": "The Jane Doe Syndrome: NetBIOs Remote Access & Sonic Warfare", "description": "An array of malicious malware, scripts, and techniques that are copycats to Apple Scripts and undetectable by anti-virus software programs. The malicious scripts such as NetBIOS and DNS spoofing can provide remote access to hackers, enabling them to gain full control and administrative privileges over Apple Inc. MacBooks. These vulnerabilities allow perpetrators to exploit system weaknesses, leading to full remote unauthorized data access, theft of sensitive information, and manipulation of system settings.", "modified": "2024-09-28T16:38:05.097000", "created": "2024-09-21T21:00:30.148000", "tags": [ "Aishah Lazim", "Malaysia", "Russia", "China", "Al-Arqam", "GUANGZHOU FIVE SIX TECHNOLOGY CO" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [ { "id": "", "display_name": "", "target": null } ], "attack_ids": [ { "id": "T1459", "name": "Device Unlock Code Guessing or Brute Force", "display_name": "T1459 - Device Unlock Code Guessing or Brute Force" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 18, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "ravescoutllc.", "id": "288912", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 4, "domain": 6, "hostname": 14, "URL": 52, "FileHash-MD5": 1, "FileHash-SHA1": 1 }, "indicator_count": 78, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "609 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [ "" ], "industries": [], "unique_indicators": 142 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/apple.com", "whois": "http://whois.domaintools.com/apple.com", "domain": "apple.com", "hostname": "support.apple.com" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "6768cd2fdfe372564f3b3345", "name": "Jane Doe is Targeted by DragonForce.io", "description": "Apple has released details of a virus that can be traced to a server in the US, but which has not yet been identified or detected.. and the full list of details has been revealed.", "modified": "2025-02-21T00:58:00.403000", "created": "2024-12-23T02:38:39.269000", "tags": [ "summary", "engine version", "mb data", "start date", "movies", "pictures", "export", "ipv6s", "importcsv", "psobject", "filehashwl", "notin", "select", "date", "write" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [], "attack_ids": [], "industries": [], "TLP": "green", "cloned_from": null, "export_count": 14, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 1, "follower_count": 0, "vote": 0, "author": { "username": "ilyailya", "id": "298851", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "domain": 18, "URL": 166, "hostname": 34, "FileHash-SHA256": 143, "FileHash-MD5": 20, "FileHash-SHA1": 20 }, "indicator_count": 401, "is_author": false, "is_subscribing": null, "subscriber_count": 32, "modified_text": "464 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66ef33ee4a7c08f8865721b3", "name": "The Jane Doe Syndrome: NetBIOs Remote Access & Sonic Warfare", "description": "An array of malicious malware, scripts, and techniques that are copycats to Apple Scripts and undetectable by anti-virus software programs. The malicious scripts such as NetBIOS and DNS spoofing can provide remote access to hackers, enabling them to gain full control and administrative privileges over Apple Inc. MacBooks. These vulnerabilities allow perpetrators to exploit system weaknesses, leading to full remote unauthorized data access, theft of sensitive information, and manipulation of system settings.", "modified": "2024-09-28T16:38:05.097000", "created": "2024-09-21T21:00:30.148000", "tags": [ "Aishah Lazim", "Malaysia", "Russia", "China", "Al-Arqam", "GUANGZHOU FIVE SIX TECHNOLOGY CO" ], "references": [], "public": 1, "adversary": "", "targeted_countries": [ "United States of America" ], "malware_families": [ { "id": "", "display_name": "", "target": null } ], "attack_ids": [ { "id": "T1459", "name": "Device Unlock Code Guessing or Brute Force", "display_name": "T1459 - Device Unlock Code Guessing or Brute Force" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 18, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "ravescoutllc.", "id": "288912", "avatar_url": "https://otx.alienvault.com/assets/images/default-avatar.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA256": 4, "domain": 6, "hostname": 14, "URL": 52, "FileHash-MD5": 1, "FileHash-SHA1": 1 }, "indicator_count": 78, "is_author": false, "is_subscribing": null, "subscriber_count": 30, "modified_text": "609 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://support.apple.com/kb/HT208050.", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://support.apple.com/kb/HT208050.", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1780211718.341293 }