June 30, 2022

TheCyberThrone

Thinking Security ! Always

CISA Adds Conti Domains in Block List

The U.S. CISA has updated the alert on Conti ransomware operations, by adding 100 domain names used by the group.

The Indicators of Compromise added to the report was provided by the U.S. Secret Service.

The following domains have registration and naming characteristics similar to domains used by groups that have distributed Conti ransomware. Many of these domains have been used in malicious operations; however, some may be abandoned or may share similar characteristics coincidentally.

Advertisements

Indicators of Compromise

  • badiwaw[.]com
  • balacif[.]com
  • barovur[.]com
  • basisem[.]com
  • bimafu[.]com
  • bujoke[.]com
  • buloxo[.]com
  • bumoyez[.]com
  • bupula[.]com
  • cajeti[.]com
  • cilomum[.]com
  • codasal[.]com
  • comecal[.]com
  • dawasab[.]com
  • derotin[.]com
  • dihata[.]com
  • dirupun[.]com
  • dohigu[.]com
  • dubacaj[.]com
  • fecotis[.]com fipoleb[.]com
  • fofudir[.]com
  • fulujam[.]com
  • ganobaz[.]com
  • gerepa[.]com
  • gucunug[.]com guvafe[.]com
  • hakakor[.]com
  • hejalij[.]com
  • hepide[.]com
  • hesovaw[.]com
  • hewecas[.]com
  • hidusi[.]com
  • hireja[.]com
  • hoguyum[.]com
  • jecubat[.]com
  • jegufe[.]com
  • joxinu[.]com
  • kelowuh[.]com
  • kidukes[.]com kipitep[.]com
  • kirute[.]com
  • kogasiv[.]com
  • kozoheh[.]com
  • kuxizi[.]com
  • kuyeguh[.]com
  • lipozi[.]com
  • lujecuk[.]com
  • masaxoc[.]com
  • mebonux[.]com
  • mihojip[.]com
  • modasum[.]com
  • moduwoj[.]com
  • movufa[.]com
  • nagahox[.]com
  • nawusem[.]com
  • nerapo[.]com
  • newiro[.]com
  • paxobuy[.]com
  • pazovet[.]com pihafi[.]com
  • pilagop[.]com
  • pipipub[.]com
  • pofifa[.]com
  • radezig[.]com
  • raferif[.]com
  • ragojel[.]com
  • rexagi[.]com
  • rimurik[.]com
  • rinutov[.]com
  • rusoti[.]com
  • sazoya[.]com
  • sidevot[.]com
  • solobiv[.]com
  • sufebul[.]com
  • suhuhow[.]com
  • sujaxa[.]com
  • tafobi[.]com tepiwo[.]com
  • tifiru[.]com tiyuzub[.]com
  • tubaho[.]com
  • vafici[.]com
  • vegubu[.]com
  • vigave[.]com
  • vipeced[.]com
  • vizosi[.]com
  • vojefe[.]com
  • vonavu[.]com
  • wezeriw[.]com
  • wideri[.]com
  • wudepen[.]com
  • wuluxo[.]com
  • wuvehus[.]com
  • wuvici[.]com
  • wuvidi[.]com
  • xegogiv[.]com
  • xekezix[.]com
%d bloggers like this: