search

chartingshow / crypto-firewall

🎁 Blocks browser-based crypto mining, cryptojacking, banking and crypto malware and phishing websites, apps and hackers command-and-control (C2) servers.
GNU General Public License v3.0
11 stars 0 forks source link

Block `SpyLoan` Android malware #404

Closed summercms closed 9 months ago

summercms commented 9 months ago

Enhancement idea

Description

Since the beginning of 2023, researchers have observed an alarming growth of deceptive Android loan apps, which present themselves as legitimate personal loan services, promising quick and easy access to funds.

Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims’ personal and financial information to blackmail them, and in the end gain their funds.

Links

https://www.welivesecurity.com/en/eset-research/beware-predatory-fintech-loan-sharks-use-android-apps-reach-new-depths/

IOC

I2P websites

n/a

IPFS websites

n/a

Tor2web websites

n/a

TOR websites

n/a

URL's

n/a

Folders

n/a

Sub-Domains

n/a

Domains

ahymvoxxg.com
akredit.in
amorcash.com
bhvbhgvh.space
cashwow.club
coccash.com
credibusco.com
easycredit-app.com
guayabacash.com
iuuaufbt.com
mpxoptim.com
oyeqctus.com
qtzhreop.com
softheartlend2.com
truenaira.co
whcashph.com
yumicash.com

IP's

3.109.98.108
35.86.179.229
35.158.118.139
43.225.143.80
47.56.128.251
47.89.159.152
47.89.211.3
47.91.110.22
47.253.49.18
47.253.175.81
47.254.33.250
49.0.193.223
54.71.70.186
104.21.19.69
110.238.85.186
152.32.140.8
172.67.131.223

Emails

n/a

Wallet addresses

n/a

Mining pool addresses

n/a