12-16-2023, 06:43 PM
Ima nekih zanimljivih tragova i ovde: https://platform.socradar.com/app/threat...ent.gov.rs
Infected Device - Accounts for "parlament.gov.rs" were observed for sale on the Russian Market, On May 02, 2023
Infected Device - Accounts for "parlament.gov.rs" were observed for sale on the Russian Market, On May 02, 2023
Code:
{
"country": "RS",
"date": "2023.04.25",
"files": "archive.zip",
"id": "10632084",
"isp": "Sat-Trakt D.O.O.",
"links": [
"10.117.108.20",
"10.117.2.1",
"10.117.2.21",
"10.117.2.211",
"10.117.2.23",
"10.117.2.253",
"10.117.2.26",
"10.117.2.5",
"127.0.0.1",
"188.93.126.42",
"192.168.0.1",
"192.168.0.106",
"192.168.0.11",
"192.168.0.2",
"192.168.0.21",
"192.168.0.3",
"192.168.0.5",
"192.168.0.50",
"192.168.1.1",
"192.168.1.10",
"192.168.1.100",
"192.168.1.2",
"192.168.10.208",
"192.168.101.1",
"192.168.11.3",
"192.168.111.1",
"192.168.2.1",
"192.168.2.21",
"192.168.2.253",
"192.168.2.26",
"192.168.2.40",
"192.168.2.41",
"192.168.2.5",
"192.168.200.1",
"192.168.44.1",
"192.168.44.11",
"192.168.44.2",
"192.168.44.222",
"192.168.44.226",
"192.168.44.227",
"192.168.44.3",
"192.168.44.6",
"192.168.44.91",
"192.168.45.1",
"192.168.45.15",
"1fichier.com",
"212.200.91.145",
"2baksa.net",
"5kforchange.org",
"87.237.205.155",
"87.237.205.239",
"91.102.231.142",
"a1.rs",
"account.booking.com",
"account.live.com",
"account.nexiuslearning.com",
"account.protonvpn.com",
"account.qnap.com",
"account.samsung.com",
"accounts.alluc.ee",
"accounts.google.com",
"accounts.lidl.com",
"accounts.spotify.com",
"activate.hbomax.com",
"airdroid.sand.com",
"aliexpress.com",
"aliexpresshd.alibaba.com",
"app.plex.tv",
"apps.spiceworks.com",
"appsrviti-pri",
"asmp.a1.rs",
"astroconquest.com",
"auth.dpass.us.deloitte.com",
"auth.wetransfer.com",
"balkandownload.org",
"becej.rs",
"best.aliexpress.com",
"bithorlo.info",
"bl.flirthits.com",
"buyspotify.net",
"cert.rs",
"coursehero.com",
"cp10.cpanelhosting.rs",
"cpanel.pikbecej.mycpanel.rs",
"crm.lpa.gov.rs",
"crm.mi-system.co.rs",
"crowarez.org",
"customerconnect.vmware.com",
"deezer.com",
"demonoid.info",
"demonoid.is",
"demos.telerik.com",
"discord.com",
"dl.reg.163.com",
"domaci.de",
"dropbox.com",
"ecd.rs",
"edit.duplexiptv.com",
"edit.duplexplay.com",
"elms.ftn.uns.ac.rs",
"english-online.rs",
"englishclass101.com",
"eon.tv",
"erofishki.cc",
"ers.alsu.gov.rs",
"esalter.rgz.gov.rs",
"etarskaibiljnaulja.rs",
"euprava.gov.rs",
"eventim.rs",
"exchange.ecd.rs",
"facebook.com",
"filmezz.co",
"filmezz.eu",
"findmymobile.samsung.com",
"fitpro.xiaofengkj.cn",
"forum.benchmark.rs",
"forum.iptvsmarters.com",
"forum.titlovi.com",
"forums.mydigitallife.net",
"freelancer.com",
"freetvall.com",
"gateway.hbogo.rs",
"github.com",
"global.bittrex.com",
"gpspower.net",
"gpsurl.com",
"grammarly.com",
"hbomax.com",
"helpdesk.pksca.rs",
"herba-srbija.com",
"herbalfun.net",
"hungarianpod101.com",
"i.btc.com",
"ibm.com",
"id7.cloud.huawei.com",
"ims.bentley.com",
"informator.eu.meteorapp.com",
"informator.poverenik.rs",
"instagram.com",
"istcapi.stat.gov.rs",
"jnportal.ujn.gov.rs",
"katana.facebook.com",
"kinozal.tv",
"knjigoteka.org",
"kupujemprodajem.com",
"lexonline.paragraf.rs",
"lilplay.com",
"listing.telekom.rs",
"livesports-pass.com",
"livetv.sx",
"localhost",
"login.aliexpress.com",
"login.live.com",
"login.microsoftonline.com",
"login.opendns.com",
"login.oracle.com",
"login.skype.com",
"login.teamviewer.com",
"login.tidal.com",
"login.yahoo.com",
"lutrija.rs",
"m.facebook.com",
"mail.mk-group.org",
"mega.nz",
"megasrbija.com",
"mkonekt.mk-group.org",
"mobile.support.huawei.com",
"moj.mts.rs",
"moj.stcable.net",
"mojsbb.rs",
"mojtv.net",
"mojvip2.vipmobile.rs",
"morahalomkartya.hu",
"mts.rs",
"music.spotify.com",
"my.anydesk.com",
"my.eunet.rs",
"my.eunethosting.com",
"my.vmware.com",
"myaccount.google.com",
"myqnapcloud.com",
"ncore.cc",
"ncore.pro",
"netacademia.hu",
"netflix.com",
"netiks.rs",
"nitro.download",
"nitroflare.com",
"noip.com",
"novinarnica.net",
"novinarnica.plus",
"nulled.ch",
"nulledbb.com",
"online-prodaja.ribbon-cms.com",
"opensubtitles.org",
"opinionstage.com",
"ottplayer.tv",
"outlook.office.microsoft.com",
"panel.paragraf.rs",
"passport.alibaba.com",
"passport.aliexpress.com",
"performancemanager.successfactors.eu",
"plagiarisma.net",
"play.hbomax.com",
"pod2.stat.gov.rs",
"portal.mcloud.rs",
"pos.ite.gov.rs",
"potisje-becej.rs",
"prijemni.ftn.uns.ac.rs",
"privreda.becej.rs",
"profile.oracle.com",
"propissoft.profisistem.rs",
"prva.rs",
"radiobalkanmusic.com",
"radiosumadinac.org",
"realfishki.net",
"redmine.mk-group.org",
"reid.apr.gov.rs",
"rik.parlament.gov.rs",
"rookplay.com",
"rs.jooble.org",
"rtsplaneta.rs",
"rutracker.org",
"sap.com",
"sapgw.mk-group.org",
"satelitskiforum.com",
"sbb.rs",
"scribd.com",
"secure.sorbs.net",
"serbianforum.org",
"serije.online",
"servisi.pio.rs",
"shoppingcart.aliexpress.com",
"signup.liltmedia.com",
"signup.live.com",
"signup.lunemedia.com",
"signup.opendns.com",
"skupstina.becej.rs",
"skyshowtime.com",
"smboemi.com",
"sorozatbarat.online",
"speedtest.net",
"sportsaccess.se",
"spotify.com",
"sr-rs.facebook.com",
"ssluzba.ftn.uns.ac.rs",
"sso.blic.rs",
"stamparijapokloni.com",
"stripotekaforum.com",
"sts.mk-group.org",
"sttv.stcable.net",
"support.smart.rs",
"surveys.kornferry.com",
"test.becej.rs",
"thetradersden.org",
"thirdparty.aliexpress.com",
"timetracking.oblaci.rs",
"tmkeep.mk-group.org",
"tncore.com",
"tobecej1.mycpanel.rs"
"tobecej1.mycpanel.rs",
"torrenthr.org",
"trakt.tv",
"trust.zone",
"turbobit.net",
"twirpx.com",
"ucinak.skgo.org",
"uk-it.us",
"uniportal.huawei.com",
"uploadable.ch",
"uptobox.com",
"us04web.zoom.us",
"users.iptvsmarters.com",
"vidbliss.com",
"videohouse.me",
"vk.com",
"vsetutonline.com",
"warez-bb.org",
"warezhr.org",
"webapi1.srbvoz.rs",
"webmail.becej.rs",
"webmail.eunet.rs",
"webmail.stcable.net",
"webmail.yunet.rs",
"webplayer.stcable.tv",
"winwin.rs",
"wp.2baksa.net",
"yts.lt",
"yts.mx",
"yubraca.net",
"zeroboard.org",
"zoom.us",
"ztracker.org",
"192.168.0.1",
],
"outlook": "-",
"price": "10.00",
"province": "Vojvodina",
"size": "0.17Mb",
"stealer": "Racoon ",
"vendor": "M5####te bronze"
}
{
"country": "RS",
"date": "2023.04.28",
"files": "archive.zip",
"id": "10598929",
"isp": "CETIN Ltd. Belgrade",
"links": [
"aleksinac.org",
"rik.parlament.gov.rs",
"pod2.stat.gov.rs",
"pod2.stat.gov.rs",
"aleksinac.org",
"192.168.0.1",
"192.168.20.27",
"lokalnesamouprave.abs.gov.rs",
"aleksinac.org",
"telenor.rs"
],
"outlook": "-",
"price": "10.00",
"province": "Nisava",
"size": "0.31Mb",
"stealer": "Racoon ",
"vendor": "Mo####yf [Diamond]"
}
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV