search

chartingshow / crypto-firewall

🎁 Blocks browser-based crypto mining, cryptojacking, banking and crypto malware and phishing websites, apps and hackers command-and-control (C2) servers.
GNU General Public License v3.0
14 stars 0 forks source link

Block `FreakOut` Android Malware #599

Closed summercms closed 1 month ago

summercms commented 1 month ago

Enhancement idea

Description

The new version of the Necro Trojan has infected various popular applications, including game mods, with some of them being available on Google Play at the time of writing this report. The combined audience of the latter exceeds 11 million Android devices.

Screenshots

n/a

Links

https://securelist.com/necro-trojan-is-back-on-google-play/113881/

https://malpedia.caad.fkie.fraunhofer.de/details/py.n3cr0m0rph

IOC

I2P websites

n/a

IPFS websites

n/a

Tor2web websites

n/a

TOR websites

n/a

URL's

n/a

Folders

n/a

Sub-Domains

bear-ad.oss-us-west-1.aliyuncs.com

Domains

azhituo.com
bearsplay.com
govsred.buzz
justbigso.com
spinsok.com
spotiplus.xyz

IP's

174.129.61.221
47.88.190.200
47.88.245.162
47.88.246.111
47.88.3.73

ASN's

n/a

Emails

n/a

Wallet addresses

n/a

Mining pool addresses

n/a