Bublik Analysis
No activities identified yet
IOC - Indicator of Compromise (7)
These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.
ID | IP address | Hostname | Actor | Campaigns | Type | Confidence |
---|---|---|---|---|---|---|
1 | 66.128.53.179 | | Bublik | | verified | High |
2 | 104.21.57.186 | | Bublik | | verified | High |
3 | XXX.XXX.XX.XX | | Xxxxxx | | verified | High |
4 | XXX.XXX.X.XX | xxxx-xxxx-xxxx-xxx-xx-xxxx.xxxxxxxx.xxx | Xxxxxx | | verified | High |
5 | XXX.XXX.XXX.XX | | Xxxxxx | | verified | High |
6 | XXX.XX.XXX.XX | xxxxx.xx | Xxxxxx | | verified | High |
7 | XXX.XX.XXX.XXX | x-xxxx.x-xxxxxx.xxx | Xxxxxx | | verified | High |
References (5)
The following list contains external sources which discuss the actor and the associated activities:
- https://blog.talosintelligence.com/2019/10/threat-roundup-1011-1018.html
- https://blog.talosintelligence.com/2020/08/threat-roundup-0821-0827.html
- https://blog.talosintelligence.com/2020/09/threat-roundup-0828-0904.html
- https://blog.talosintelligence.com/2021/05/threat-roundup-0507-0514.html
- https://github.com/vuldb/cyber_threat_intelligence/tree/main/actors/Bublik