3CX Supply Chain Attack: Few Pictures Before The Complete

index domain created expires registrar registrant
1 sbmsa.wiki 2023-02-09 02:15:06 UTC 2024-02-09 02:15:06 UTC NAMECHEAP INC N/A
2 pbxcloudeservices.com 2022-12-23 07:07:00 UTC 2023-12-23 07:07:00 UTC PDR Ltd. d/b/a PublicDomainRegistry.com philip.je@proton.me - Philip James
3 pbxphonenetwork.com 2022-12-26 06:37:48 UTC 2023-12-26 06:37:48 UTC NameSilo, LLC haroldjmarable@gmail.com - Harold Marable
4 pbxsources.com 2023-01-04 07:38:25 UTC 2024-01-04 07:38:25 UTC NAMECHEAP INC N/A
5 sourceslabs.com 2022-12-09 07:05:32 UTC 2023-12-09 07:05:32 UTC eNom, LLC N/A
6 zacharryblogs.com 2022-12-13 07:44:09 UTC 2023-12-13 07:44:09 UTC NAMECHEAP INC N/A
7 journalide.org 2022-04-08 02:33:06 UTC 2024-04-08 02:33:06 UTC NAMECHEAP INC N/A
8 dunamistrd.com 2022-12-06 08:16:48 UTC 2023-12-06 08:16:48 UTC NAMECHEAP INC N/A
9 visualstudiofactory.com 2022-11-17 08:28:01 UTC 2023-11-17 08:28:01 UTC NAMECHEAP INC N/A
10 qwepoi123098.com 2022-11-17 02:31:31 UTC 2023-11-17 02:31:31 UTC NAMECHEAP INC N/A
11 officestoragebox.com 2022-11-17 07:54:38 UTC 2023-11-17 07:54:38 UTC NAMECHEAP INC N/A
12 officeaddons.com 2022-12-09 03:28:16 UTC 2023-12-09 03:28:16 UTC PDR Ltd. d/b/a PublicDomainRegistry.com jackiewcaudill@gmail.com - Jackie Caudill
13 msstorageboxes.com 2022-12-09 02:12:50 UTC 2023-12-09 02:12:50 UTC NAMECHEAP INC N/A
14 msstorageazure.com 2022-11-17 07:40:38 UTC 2023-11-17 07:40:38 UTC NAMECHEAP INC N/A
15 msedgepackageinfo.com 2023-01-06 00:32:36 UTC 2024-01-06 00:32:36 UTC NameSilo, LLC Remey.Simpson@outlook.com - Remey Simpson
16 glcloudservice.com 2023-01-06 02:16:14 UTC 2024-01-06 02:16:14 UTC NAMECHEAP INC N/A
17 akamaicontainer.com 2022-02-22 01:29:07 UTC 2024-02-22 01:29:07 UTC NAMECHEAP INC N/A
18 akamaitechcloudservices.com 2023-01-04 06:25:57 UTC 2024-01-04 06:25:57 UTC NAMECHEAP INC N/A
19 azuredeploystore.com 2022-12-07 23:46:28 UTC 2023-12-07 23:46:28 UTC NameSilo, LLC N/A
20 azureonlinecloud.com 2022-02-22 00:13:19 UTC 2024-02-22 00:13:19 UTC NAMECHEAP INC N/A
21 azureonlinestorage.com 2023-01-05 08:27:48 UTC 2024-01-05 08:27:48 UTC PDR Ltd. d/b/a PublicDomainRegistry.com cliego.garcia@proton.me - Diego Garcia

References

[1] https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

[2] https://lookup.icann.org/en/lookup

[3] https://www.whois.com


tags: #threat intelligence