The Posts for Counterfeit Merchandise – Once the account is created, it joins hundreds of groups and posts ads. The pattern for the posts these fake profiles are proliferating consist primarily of a sales pitch, a website link containing various domains primarily made up from .tk websites without canonical references followed by a picture of the supposed merchandise to be sold.
Using the Russian Business Network as an Intermediary – These actors are using Russian Business Network IP addresses as intermediaries to host the .tk redirectors. This technique is being used as an evasion tactic to prevent easy discovery and blocking of the offending counterfeit merchandise website.
Mass Redirection Using .tk Websites – The actors create multiple redirectors hosted on the same IP address over time
The researchers proved that cybercriminals adopted method of replication being used here is replicated over multiple domains, with multiple redirectors. They also identified the pattern followed by the counterfeit merchandise websites despite they use to rotate domain, hosting, registrar and geo-location, distinct patterns exist across all the websites being distributed centered primarily against the actual content.
FoeI suggest the reading of the interesting white paper ….
Pierluigi Paganini
(Security Affairs – Facebook, Cybercrime, Cybercriminals Leveraging Facebook Report )
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher…
The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack…
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
This website uses cookies.