Threat Intelligence Report - 15th February to 21st February 2021
Trends
- The top attacker country was China with 109931 unique attackers (43.58%).
- The top Phishing campaign detected was againts Facebook with 82 instances detected.
Over 8 million COVID-19 test results leaked online
Over eight million COVID-19 patient test results have been publicly leaked via multiple Indian Government websites, including the national health and welfare agencies, which are then being indexed by search engines, exposing patient
data and whether they had tested positive for the coronavirus. These reports have sensitive patient information,
including name, age, date and time of sample testing, residence address.
North Korean Lazarus Group hackers indicted in US
The US Dept. of Justice has indited three North Korean military personnel with participating in a stagging and
wide-ranging criminal conspiracy that included, destructive cyber-attacks, the theft and extortion of over $1.3bn
worth of money (fiat) and cryptocurrency using multiple malicious cryptocurrency applications, and the development
and fraudulent marketing of a blockchain platform.
|
|
|
Top Attackers By Country
| China |
109931 |
43.58% |
| United States |
66460 |
26.35% |
| South Korea |
47968 |
19.01% |
| Vietnam |
6278 |
2.48% |
| Russia |
5574 |
2.21% |
| India |
3164 |
1.25% |
| Hong Kong |
3056 |
1.21% |
| Germany |
2580 |
1.02% |
| Poland |
1555 |
0.61% |
| Albania |
1552 |
0.61% |
| Japan |
1422 |
0.56% |
| Seychelles |
975 |
0.38% |
| Taiwan |
612 |
0.25% |
| Greece |
612 |
0.24% |
| Argentina |
420 |
0.16% |
|
|
|
Top Attackers By Country
|
 |
 China United States South korea Vietnam Russia Others
|
|
|
|
|
|
|
|
Top Attacking Hosts
| 14.48.93.118 |
43677 |
| 61.177.173.3 |
9162 |
| 34.200.247.158 |
8745 |
| 47.88.33.190 |
8201 |
| 47.91.88.40 |
8167 |
| 119.23.131.217 |
6775 |
| 120.29.77.49 |
2441 |
| 113.189.254.4 |
2308 |
| 218.92.0.201 |
2061 |
| 103.22.132.34 |
1873 |
| 218.92.0.202 |
1836 |
| 69.162.124.234 |
1706 |
| 193.27.228.188 |
1555 |
| 87.238.211.170 |
1552 |
| 117.4.247.92 |
1508 |
|
Top Attackers
 |
|
|
|
Top Network Attackers
| 4766 |
South Korea |
KIXS-AS-KR Korea Telecom, KR |
| 4134 |
China |
CHINANET-BACKBONE No.31,Jin-rong Street, CN |
| 14618 |
United States |
AMAZON-AES, US |
| 45102 |
China |
CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN |
| 37963 |
China |
CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN |
| 45899 |
Vietnam |
VNPT-AS-VN VNPT Corp, VN |
| 46475 |
United States |
LIMESTONENETWORKS, US |
| 49505 |
Russia |
SELECTEL, RU |
| 197226 |
Poland |
SPRINT-SDC, PL |
| 206262 |
Serbia |
TELKOS, AL |
| 7552 |
Vietnam |
VIETEL-AS-AP Viettel Group, VN |
|
|
|
|
Top Phishing Campaigns
| MyEtherWallet |
2 |
| Other |
1421 |
| Google |
5 |
| Allegro |
9 |
| Itau |
2 |
| PayPal |
21 |
| Facebook |
82 |
| PayPal |
7 |
| Special |
1 |
| Adobe |
10 |
| Microsoft |
11 |
| Rabobank |
1 |
| Amazon.com |
16 |
| TSB |
2 |
| Halifax |
10 |
| DHL |
4 |
| Caixa |
2 |
| Instagram |
1 |
| Apple |
1 |
| Rakuten |
1 |
|
|
|
|
