3CX Supply Chain Attack: Few Pictures Before The Complete

index	domain	created	expires	registrar	registrant
1	sbmsa.wiki	2023-02-09 02:15:06 UTC	2024-02-09 02:15:06 UTC	NAMECHEAP INC	N/A
2	pbxcloudeservices.com	2022-12-23 07:07:00 UTC	2023-12-23 07:07:00 UTC	PDR Ltd. d/b/a PublicDomainRegistry.com	philip.je@proton.me - Philip James
3	pbxphonenetwork.com	2022-12-26 06:37:48 UTC	2023-12-26 06:37:48 UTC	NameSilo, LLC	haroldjmarable@gmail.com - Harold Marable
4	pbxsources.com	2023-01-04 07:38:25 UTC	2024-01-04 07:38:25 UTC	NAMECHEAP INC	N/A
5	sourceslabs.com	2022-12-09 07:05:32 UTC	2023-12-09 07:05:32 UTC	eNom, LLC	N/A
6	zacharryblogs.com	2022-12-13 07:44:09 UTC	2023-12-13 07:44:09 UTC	NAMECHEAP INC	N/A
7	journalide.org	2022-04-08 02:33:06 UTC	2024-04-08 02:33:06 UTC	NAMECHEAP INC	N/A
8	dunamistrd.com	2022-12-06 08:16:48 UTC	2023-12-06 08:16:48 UTC	NAMECHEAP INC	N/A
9	visualstudiofactory.com	2022-11-17 08:28:01 UTC	2023-11-17 08:28:01 UTC	NAMECHEAP INC	N/A
10	qwepoi123098.com	2022-11-17 02:31:31 UTC	2023-11-17 02:31:31 UTC	NAMECHEAP INC	N/A
11	officestoragebox.com	2022-11-17 07:54:38 UTC	2023-11-17 07:54:38 UTC	NAMECHEAP INC	N/A
12	officeaddons.com	2022-12-09 03:28:16 UTC	2023-12-09 03:28:16 UTC	PDR Ltd. d/b/a PublicDomainRegistry.com	jackiewcaudill@gmail.com - Jackie Caudill
13	msstorageboxes.com	2022-12-09 02:12:50 UTC	2023-12-09 02:12:50 UTC	NAMECHEAP INC	N/A
14	msstorageazure.com	2022-11-17 07:40:38 UTC	2023-11-17 07:40:38 UTC	NAMECHEAP INC	N/A
15	msedgepackageinfo.com	2023-01-06 00:32:36 UTC	2024-01-06 00:32:36 UTC	NameSilo, LLC	Remey.Simpson@outlook.com - Remey Simpson
16	glcloudservice.com	2023-01-06 02:16:14 UTC	2024-01-06 02:16:14 UTC	NAMECHEAP INC	N/A
17	akamaicontainer.com	2022-02-22 01:29:07 UTC	2024-02-22 01:29:07 UTC	NAMECHEAP INC	N/A
18	akamaitechcloudservices.com	2023-01-04 06:25:57 UTC	2024-01-04 06:25:57 UTC	NAMECHEAP INC	N/A
19	azuredeploystore.com	2022-12-07 23:46:28 UTC	2023-12-07 23:46:28 UTC	NameSilo, LLC	N/A
20	azureonlinecloud.com	2022-02-22 00:13:19 UTC	2024-02-22 00:13:19 UTC	NAMECHEAP INC	N/A
21	azureonlinestorage.com	2023-01-05 08:27:48 UTC	2024-01-05 08:27:48 UTC	PDR Ltd. d/b/a PublicDomainRegistry.com	cliego.garcia@proton.me - Diego Garcia

References

[1] https://www.crowdstrike.com/blog/crowdstrike-detects-and-prevents-active-intrusion-campaign-targeting-3cxdesktopapp-customers/

[2] https://lookup.icann.org/en/lookup

[3] https://www.whois.com

tags: #threat intelligence