We have been getting reports of a new threat actor that has been named Planetary Reef from PhishLabs. The data in this report and our research shows that they are currently active in phishing attacks and we are monitoring for additional information. This information was shared by PhishLabs and IBM X-Force.
Notes
Jigsaw customers will receive updates through our Threat Intelligence. While it is noted that there is no current activity and the domains are not currently in the RBL or Spamhaus data set, you should exercise caution. Jigsaw Security customers protected by our sinkhole DNS solution are not vulnerable to these domains currently, additional tracking and updates will be made should it be necessary to do so.
Associated IOC's
https://planet.my.id https://planethost.asia https://cnfhosted.my.id/ https://s2planet.com/ https://planethostlive.com/ planet.my.id planethost.asia cnfhosted.my.id s2planet.com planethostlive.com 144.91.104.47 51.15.78.143 173.212.233.100
Comments