Malware distribution

http://safalkisan.co.in/id/?blahblahblah was advertised in Polish SMS spam. On a desktop browser it returns an empty page, on mobile the results are different. This is a hallmark of a specific phishing kit that offers downloads of the FakeCop malware pretending it is a DHL package delivery site.

$ host safalkisan.co.in
safalkisan.co.in has address 207.244.236.34

See also https://www.botconf.eu/wp-content/uploads/2019/12/B2019-Ishimaru-Niseki-Ogawa-Mantis.pdf for a comprehensive explanation of what this malware is.

Опубликовано
В рубрике contabo.de

Добавить комментарий

Ваш адрес email не будет опубликован.