01-31-2024, 09:57 AM
Ovaj Stealer log sa SOCRadar je zanimljiv, spaja ovaj razvojni server i razne druge iz avio industrije:
Quote:Infected Device - Accounts for "fms.omega.rs" were observed for sale on the Russian Market, On Jul 12, 2023
{
"country": "RS",
"date": "2023.07.10",
"files": "archive.zip",
"id": "11521210",
"isp": "Serbia Broadband",
"links": [
"accounts.firefox.com",
"accounts.google.com",
"192.168.100.1",
"192.168.100.1",
"ekupi.rs",
"passport.aliexpress.com",
"hb.posted.co.rs",
"eon.tv",
"webmail.sbb.rs",
"hb.posted.co.rs",
"euprava.gov.rs",
"mojsbb.rs",
"192.168.0.1",
"fms.omega.rs",
"mojsbb.rs",
"192.168.2.1",
"twitter.com",
"moj.mts.rs",
"acars.prod.sabre.com",
"newextranet.airserbia.com",
"extranet.jat.com",
"e-airportslots.aero",
"trainingzone.eurocontrol.int",
"extranet.jat.com",
"moj.mts.rs",
"elitesecurity.org",
"elitemadzone.org",
"hb.posted.co.rs",
"gateway.hbogo.eu",
"esanduce.rs",
"kk-machine-1.herokuapp.com",
"192.168.100.1",
"passport.alibaba.com",
"login.aliexpress.ru",
"webaccess.airserbia.com",
"login.tidal.com",
"ekupi.me",
"aliexpress.com",
"saas2.aims.aero",
"eon.tv",
"192.168.100.1",
"edukacije.acas.rs",
"accounts.google.com",
"gigatron.rs",
"play.hbomax.com",
"myidtravel.com",
"saas3.aims.aero",
"moj.mtel.me",
"kupujemprodajem.com",
"login.microsoftonline.com",
"login.live.com",
"192.168.1.1",
"mwlogin.net",
"skycom.rs",
"portal.edb.rs",
"jakov.rs"
],
"outlook": "-",
"price": "10.00",
"province": "Belgrade",
"size": "0.44Mb",
"stealer": "risepro ",
"vendor": "nn####an [Diamond]"
}
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV