search

mitchellkrogza / phishing

Central Repository for Adding Domains / Links to the Phishing.Database project - https://github.com/mitchellkrogza/Phishing.Database/
46 stars 205 forks source link

add lebomashilo.co.za to wildcard list #462

Closed g0d33p3rsec closed 2 months ago

g0d33p3rsec commented 2 months ago

Phishing Domain/URL/IP(s):

https://lebomashilo.co.za/M20zSDV3Mk8zaTJIOGs= 
https://lebomashilo.co.za/M24xbzNaMlowVTI2MTc=
https://lebomashilo.co.za/M0g0MjNiNmM2ZjV3OW0=
https://lebomashilo.co.za/MzgyYTkyOWc4WTdlMFA=
https://lebomashilo.co.za/M1o0VTJHNHg1RTFEOE0=
https://lebomashilo.co.za/M1U0cTNBOEI5YTJhNFg= 
https://lebomashilo.co.za/MU8wQzdxMHc3bDdTMno=
https://lebomashilo.co.za/M2Q0djVGNXc2ODMzOXM=
https://lebomashilo.co.za/M2YwMTlMMVA1VjFGMzA=

Impersonated domain

https://www.betway.co.za
https://www.shoprite.co.za/

Describe the issue

This domain is now hosting the phishing kit that previously at havenhills.za.com (#459), intrinsicisle[.]za[.]com (https://github.com/mitchellkrogza/phishing/pull/452), reluzformaturas.com.br (https://github.com/mitchellkrogza/phishing/pull/435), abcmueblesbogota[.]com (https://github.com/mitchellkrogza/phishing/pull/432), ergoterapiacaribu[.]ch (https://github.com/mitchellkrogza/phishing/pull/426), ijconnects[.]com (https://github.com/mitchellkrogza/phishing/pull/421), cbcaps[.]shop (https://github.com/mitchellkrogza/phishing/pull/417), bersowir[.]org (https://github.com/mitchellkrogza/phishing/pull/416), brunotasso[.]com[.]br (https://github.com/mitchellkrogza/phishing/pull/413), wisbechguide[.]uk (https://github.com/mitchellkrogza/phishing/pull/408), pescacancun[.]com (https://github.com/mitchellkrogza/phishing/pull/406), bkengineersindia[.]com (https://github.com/mitchellkrogza/phishing/pull/405), englishplusmore[.]com (https://github.com/mitchellkrogza/phishing/pull/404), carnesboinobre[.]com[.]br (https://github.com/mitchellkrogza/phishing/pull/398), technowide[.]com[.]tr (https://github.com/mitchellkrogza/phishing/pull/396), jestertunes[.]com (https://github.com/mitchellkrogza/phishing/pull/393), safecartusa[.]com (https://github.com/mitchellkrogza/phishing/pull/391), foreverfarley[.]com (https://github.com/mitchellkrogza/phishing/pull/387), azezieldraconous[.]com (https://github.com/mitchellkrogza/phishing/pull/381), westernautomobileassembly[.]com (https://github.com/mitchellkrogza/phishing/pull/376) , littleswanaircon[.]com[.]sg (https://github.com/mitchellkrogza/phishing/pull/372), iwan2travel[.]com (https://github.com/mitchellkrogza/phishing/pull/370), applesforfred[.]com (https://github.com/mitchellkrogza/phishing/pull/369), theaerie[.]ca (https://github.com/mitchellkrogza/phishing/pull/367), nico[.]sa (https://github.com/mitchellkrogza/phishing/pull/366), ajstelecom[.]com[.]mx (https://github.com/mitchellkrogza/phishing/pull/362), and others (more than 130 domains since 2021).

Related external source

Screenshot

Click to expand ![image](https://github.com/user-attachments/assets/ab61429f-7c17-4ef2-9724-81826ff85208) ![9dcb9a8e-45d7-4bf5-b788-90425dac491d](https://github.com/user-attachments/assets/8075b037-5256-4ee8-9dea-1215dfca219d) ![image](https://github.com/user-attachments/assets/b6df09e9-7295-4807-86c6-29b196942475) ![a5a7e4e9-d07f-4878-879c-2bcf18237ea1](https://github.com/user-attachments/assets/b62ceeca-b368-4fee-8a4f-4be5bad3b21d) ![image](https://github.com/user-attachments/assets/15b87904-2685-4875-af70-f759891f71d3) ![image](https://github.com/user-attachments/assets/f3c94a9e-5655-4674-a734-22af89ae3509) ![image](https://github.com/user-attachments/assets/d9a8f15e-7770-44c2-934e-4bf8b5bd9562) ![image](https://github.com/user-attachments/assets/2f683e42-53f3-41ec-aaa1-1dd7c3d6032c)
spirillen commented 2 months ago

What are you doing up this late... it's 4 in the morning

g0d33p3rsec commented 2 months ago

What are you doing up this late... it's 4 in the morning

It was about 10 pm here when I made the addition, right before calling it a night.

spirillen commented 2 months ago

You better run dpkg-reconfigure tzdata 😃