Incident C4CA4238: Malware & C2 Indicators

Real-time threat intelligence feed for the Defense sector. Report #C4CA4238 contains IoCs, TTPs, and risk scoring for active campaigns detected in the last 24 hours.