Add moneybadgers domains to wildcard list #492
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Oct 8, 2024
spirillen
added a commit
to mypdns/matrix
that referenced
this pull request
Oct 9, 2024
- securoscans.com Fixed #MTX-1167 - threatdetect.org Fixed #MTX-1163 - updatenow.pro Fixed #MTX-1166 - bowigarp.xyz Fixed #MTX-1165 - gomlaner.xyz Fixed #MTX-1164 - himosteg.xyz Fixed #MTX-1162 - hirgoles.xyz Fixed #MTX-1168 - kositanh.xyz Fixed #MTX-1169 [//]: # (Github Issues) Fix #1168 Fix #1167 Fix #1166 Fix #1165 Fix #1164 Fix #1163 Fix #1162 Fix #1161 Rel: mitchellkrogza/phishing#492 Credit: @g0d33p3rsec --------- Thanks to Jetbrains, for Sponsoring My Privacy DNS with their Open Source software licenses. Their software helps us develop and maintain My Privacy DNS and other project as they made writing code easier.
This was referenced Oct 9, 2024
Closed
spirillen
added a commit
to mypdns/matrix
that referenced
this pull request
Oct 9, 2024
Fix ^MTX-1171 kalestin.xyz Fix ^MTX-1172 ragimost.xyz Fix ^MTX-1173 avgs.fun Fix ^MTX-1174 daleesh.fun Fix ^MTX-1175 avastos.fun Fix ^MTX-1176 firengav.xyz Fix ^MTX-1177 dolaxabof.xyz Fix ^MTX-1178 hugabedis.xyz Fix ^MTX-1179 mabikorst.xyz Fix ^MTX-1180 worldwidewebshield.info Fix ^MTX-1181 alhocans.xyz Fix ^MTX-1182 koruns.xyz Fix ^MTX-1183 ilertonp.xyz Fix ^MTX-1184 kusilong.xyz Fix ^MTX-1185 neburfaw.xyz Fix #MTX-1186 com-trackahc.top Rel: mitchellkrogza/phishing#492 Rel: mitchellkrogza/phishing#493 --------- Thanks to Jetbrains, for Sponsoring My Privacy DNS with their Open Source software licenses. Their software helps us develop and maintain My Privacy DNS and other project as they made writing code easier. --------- Related GitHub Issues: - #1169 - #1170 - #1171 - #1172 - #1173 - #1174 - #1175 - #1176 - #1177 - #1178 - #1179 - #1180 - #1181 - #1182 - #1183 - #1184
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Phishing Domain/URL/IP(s):
Impersonated domain
Describe the issue
A classmate asked me to look into an unexpected domain, himosteg[.]xyz, that she noticed was blocked by her phone. A scan of the domain led to a login page for "Money Badger$" with the remaining text in Cyrillic. A reverse image search of the logo led to this post, which explained that it was related to a traffic distribution system and fake virus pop-up ads. Looking at the hosting IP on URLScan.io led to related inbound fake virus notifications like those mentioned in the post.
Related external source
Screenshot
Click to expand