'Reptile Recon': Discovering CryptoChameleon fast flux IOFAs…

216.73.216.6

'Reptile Recon': Discovering CryptoChameleon fast flux IOFAs. Hundreds of domains, IPs, and ASNs discovered

· Published 30/05/2024 09:31 · Modified 30/05/2024 10:01

Essential information

Published: 30/05/2024 09:31
Modified: 30/05/2024 10:01
Tags: 2024-05-30 cryptochameleon phishing phishing kit
Related entities: 30 observables, 12 techniques (mitre)

Description

A report detailing the analysis of the CryptoChameleon phishing kit, which is used to harvest sensitive information from employees and customers across various platforms. Silent Push Threat Analysts conducted research that revealed a large number of fast flux Indicators of Future Attack (IOFAs) targeting cryptocurrency exchanges, tech companies, and other platforms, using techniques like DNSPod nameservers and fast flux evasion. The report provides background on CryptoChameleon, its tactics and techniques, and the associated infrastructure discovered by Silent Push.

External references

https://www.silentpush.com/blog/cryptochameleon/
https://otx.alienvault.com/pulse/6658476de649d167335d6250