80.89.237.112

This cluster centers on 2764 connected domains tagged as BeaverTail, Kaiji, fbf543. 645 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1132 phone numbers (7638857447, 8664372914, 2157987305) with 10266 FTC complaints; 146 companies (JPMORGAN CHASE & CO., Advanced Resolution Services Inc., EVERBANK, NATIONAL ASSOCIATION) with 8616274 CFPB complaints; 298 email addresses (xxxxxxxxxxxxxxxxxxxxxxxx@vm...

This cluster centers on 3287 connected domains tagged as HijackLoader, RemcosRAT, screenconnect. 617 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1649 phone numbers (5408463620, 8552597377, 8007873903) with 7110 FTC complaints; 143 companies (Informative LLC, HomePlus Corporation, Doral Capital Corporation) with 8547081 CFPB complaints; 807 email addresses (kellymoore_64@yahoo.com, schantzsybg7@...

This cluster centers on 2874 connected domains tagged as QuasarRAT, StealitStealer, pw-k53mv9bc. 652 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. The connected infrastructure includes 1375 phone numbers (2157987305, 2025069230, 2028641298) with 14635 FTC complaints; 160 companies (JPMORGAN CHASE & CO., Advanced Resolution Services Inc., EVERBANK, NATIONAL ASSOCIATION) with 8680419 CFPB complaints; 299 email addresses (abuse@fb.com, ...

This cluster centers on 645 connected domains tagged as NorthKorea, backdoor, pw-cyrex. 645 of these domains have been flagged by threat intelligence feeds including Google Safe Browsing and URLhaus. Do not click links to any of the flagged domains. If you have visited one, check your accounts for unauthorized activity and consider changing your passwords. You can report suspicious contacts to the FTC at reportfraud.ftc.gov or to the FCC at consumercomplaints.fcc.gov. This campaign was identif...