CALISTO doxxing: Sekoia.io findings concurs to Reuters’ investigation on FSB-related Andrey Korinets [Thursday, December 21, 2023]

CALISTO doxxing: Sekoia.io findings concurs to Reuters’ investigation on FSB-related Andrey Korinets [Thursday, December 21, 2023]
Report

CALISTO doxxing: Sekoia.io findings concurs to Reuters’ investigation on FSB-related Andrey Korinets

Description :
In the wake of Reuters’s sanctions against two Russian nationals, Sekoia.io published a technical investigation that confirmed that Andrey Korinets was linked to a known phishing network.

Published Created Modified
2023-12-21 15:09:35 2023-12-21 15:09:35 2023-12-21 15:34:21

Tags

Indicators

IPv4s :
  • 185.99.134.22
  • 86.110.117.172
  • 37.1.206.114
  • 185.72.179.132
  • 185.212.128.28
  • 95.213.194.163
  • 139.162.145.184
  • 158.69.149.52
  • 95.171.17.36
Domains :
  • expert-service.tech
  • yahoomailfree.pw
  • yahoocentermail.info
  • en-office365.club
  • emailapp.pw
  • online-redirect.site
  • drive-aoi.icu
  • auth-login.top
  • login-access.top
  • safe-redirect.in.net
  • google-plus.top
  • file-sharing.online
  • hghshop.top
  • qooqle-support-mail.pw
  • authentification-request.top
  • prevention-aol.top
  • yahoo2-srv.bid
  • login-live.review
  • serv.safe-redirect.in.net
  • en-microsofl.live
  • node03-prevention-icloud.link
  • drive-meet-goodle.ru
  • office-356pro.pw
  • secure-store-lcloud.top
  • yamail.press
  • online-1drv.world
  • ukroboronprom.pw
  • anabol.in
  • screenname.click
  • be-strong.org
  • icloud-service.pw
  • ukrpharma.ovh
  • accounts-mail.asia
  • eu-office365.com
  • eu-office365.co
  • muscle.ovh
  • service-mail.asia
  • node005-prevention-aol.link
  • support-mail.top
  • musclepharm.top
  • live-login.info
  • support-gmail.pw
  • ukrnet.pw
  • login-live-com.pw
  • screenname-aol.pw
  • yahoo-user.bid
  • massa.pw
  • gmail-techdoc.pw
  • file-sharing.site
  • platforma.link
Hashes :
  • sykt.support
  • secure-icloud.accountant
  • shared-docs.download
  • y8j4po1ih74l9akzmkq8@r.o-w-o.info
MITRE ATT&CK Techniques :

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.