Proton66

Search IOCs, vulnerabilities, APT…

216.73.217.22

← Back to intrusion sets

· Published 21/12/2025 13:38 · Modified 21/12/2025 13:38 · Source: AlienVault

Essential information

Confidence: 100/100
Published: 21/12/2025 13:38
Modified: 21/12/2025 13:38
Updated at: 21/12/2025 13:38
Revoked: No
Author / Source: AlienVault
Resource level: —
Primary motivation: —
Related entities: 2 reports, 25 attack patterns (mitre), 5 malware, 6 sectors, 9 countries, 42 indicators, 5 vulnerabilities (cve)

Description

No description.

Marking (TLP)

TLP:CLEAR

Related entities

Attack patterns, malware, vulnerabilities, indicators and other entities linked to this intrusion set.

Reports (2)

Mass Scanning and Exploit Campaigns

5 CVEs 11 MITREs 1 Malware 22 Observables 1 APT

Published 16/05/2025 08:51 · Modified 21/05/2025 21:05
Proton66: Compromised WordPress Pages and Malware Campaigns

15 MITREs 4 Malwares 48 Observables 1 APT

Published 18/04/2025 08:11 · Modified 18/04/2025 14:14

Attack patterns (MITRE) (25)

T1059.001 uses

PowerShell
T1027 uses

Obfuscated Files or Information
T1133 uses

External Remote Services
T1547.001 uses

Registry Run Keys / Startup Folder
T1486 uses

Data Encrypted for Impact
T1059.005 uses

Visual Basic
T1055 uses

Process Injection
T1566.001 uses

Spearphishing Attachment
T1005 uses

Data from Local System
Email Accounts uses

T1585.002
T1056.001 uses

Keylogging
T1190 uses

Exploit Public-Facing Application

← Previous

Page / 3

1–12 of 25

Remcos uses

Family

Published 05/05/2026 18:45 · Modified 05/05/2026 18:45
WeaXor uses

Family

Published 16/05/2025 08:51 · Modified 16/05/2025 08:51
SuperBlack uses

Family

Published 16/05/2025 08:51 · Modified 16/05/2025 08:51
XWorm uses

Family

Published 27/03/2026 08:45 · Modified 27/03/2026 08:45
Strela Stealer uses

Family

Published 16/05/2025 08:51 · Modified 16/05/2025 08:51

Sectors (6)

Retail targets
Technology targets
Healthcare targets
Manufacturing targets
Government targets
Finance targets

Countries (9)

United States of America targets
Switzerland targets
Greece targets
France targets
Germany targets
Luxembourg targets
Spain targets
Austria targets
Liechtenstein targets

Indicators (42)

http://my-tasjeel-ae.com/getfr.js indicates
956934581dfdba96d69b77b14f6ab3228705862b2bd189cd98d6bfb9565d9570 indicates
spain-playmarket.com indicates
updatestore-spain.com indicates
my-tasjeel-ae.com indicates
spain-playstores.com indicates
7d1de2f4ab7c35b53154dc490ad3e7ad19ff04cfaa10b1828beba1ffadbaf1ab indicates
http://www-wpx.net/assets/core.js indicates
7f2319f4e340b3877e34d5a06e09365f6356de5706e7a78e367934b8a58ed0e7 indicates
a2f0e6f9c5058085eac1c9e7a8b2060b38fd8dbdcba2981283a5e224f346e147 indicates
playstors-gr.com indicates
playstors-france.com indicates

← Previous

Page / 4

1–12 of 42

Vulnerabilities (CVE) (5)

CVE-2024-41713 KEV

9.1 Critical

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker …

Attack vector: Network
Published: 07/01/2025
Modified: 21/12/2025

Awaiting Analysis

CVE-2024-55591 KEV

9.8 Critical

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through …

Attack vector: Network
Published: 14/01/2025
Modified: 27/05/2026

Analyzed

CVE-2025-24472 KEV

8.1 High

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 …

Attack vector: Network
Published: 18/03/2025
Modified: 21/12/2025

Awaiting Analysis

CVE-2024-10914