216.73.217.98

Indicator (IOC)

stix AlienVault · Published 17/04/2026 12:45 · Modified 09/05/2026 01:11

Essential information

Value / Name
uw04webzoom.us
Confidence
100/100
Revoked
No
Valid from
17/04/2026 10:37
Valid until
12/09/2026 10:33
Pattern type
stix
Published
17/04/2026 12:45
Modified
09/05/2026 01:11
Author / Source
AlienVault

Description

No description.

Pattern

[domain-name:value = 'uw04webzoom.us']

Labels / Tags

Labels: applescript com.apple.cli com.google.chromes.updaters credential harvesting cryptocurrency theft icloudz macos north korea sapphire sleet services social engineering softwareupdate.app systemupdate.app tcc bypass

Marking (TLP)

TLP:CLEAR

Related entities

Reports and intrusion sets linked to this IOC.

Intrusion sets (1)

  • STARDUST CHOLLIMA NICKEL GLADSTONEBeagleBoyz
    The MITRE Corporation Confidence 100

    [APT38](https://attack.mitre.org/groups/G0082) is a North Korean state-sponsored threat group that specializes in financial cyber operations; it has been attributed to the Reconnaissance General Bureau.(Citation: CISA AA20-239A BeagleBoyz August 2020)…

    First seen 01/01/1970 · Last seen 16/11/5138 ·