Coronavirus Related Phishing

Certificate Transparency Logs

Drinking from the Hose Pipe

./certificates -filter="corona" 2020/03/25 09:19:06 Using filter "corona" 2020/03/25 09:19:06 Drinking from the hosepipe... ... 2020/03/27 14:56:30 Ran for 3h0m10.5205424s 2020/03/27 14:56:30 Final stats: 2020/03/27 14:56:30 Certificates seen: 383150 2020/03/27 14:56:30 Updates: 0 2020/03/27 14:56:30 Matched: 189 2020/03/27 14:56:30 Error in processing: 327 ... Count Subject Aggregated Update Type Validation Fingerprint 0 coronacourse.ru /CN=coronacourse.ru PrecertLogEntry Let's Encrypt 5C:7C:AD:62:51:B7:89:B2:56:C6:1C:11:78:35:40:30:35:F7:1F:EB 1 coronavirus-vaccine.co /CN=coronavirus-vaccine.co X509LogEntry Let's Encrypt 87:48:89:B3:B8:40:ED:CD:4A:4A:D9:3B:89:9D:52:72:98:27:3C:16 2 coronavirus-pobedim.ru /CN=coronavirus-pobedim.ru X509LogEntry Let's Encrypt D8:D7:F8:88:4D:53:99:A2:E4:FE:90:BB:30:97:4B:FD:9C:59:BD:BE 3 corona-clean.eu /C=PL/CN=corona-clean.eu PrecertLogEntry Unknown 6B:8C:7A:CC:B1:A6:3A:07:C9:26:E7:33:72:60:88:EC:6A:61:3E:3B 4 coronacourse.ru /CN=coronacourse.ru X509LogEntry Let's Encrypt 78:1B:C2:50:65:4D:54:48:06:92:80:BE:86:25:C8:1D:08:55:EF:BA 5 nyccoronavirus.co /CN=nyccoronavirus.co X509LogEntry Let's Encrypt 28:96:05:D1:43:F7:6D:26:C7:D8:18:CE:78:DD:6F:0B:ED:88:E8:EB ...

Analysis

--

--

--

Leading with strategy, design and architecture, we connect cloud, data, and cyber to engineer and deliver large-scale, complex transformations.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Chicken Invaders 2 Xmas Hack Free Resources Generator

Forget everything you learned about privacy

Be A Secure Computer User

How to remotely wipe your phone with Hexnode MDM

Why Is Cryptography So Important?

Daily Stuntz 11/18 — Cybersecurity Policy: Fun with FISMA

Daily Stuntz — FireEye Breach and Response

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
6point6

6point6

Leading with strategy, design and architecture, we connect cloud, data, and cyber to engineer and deliver large-scale, complex transformations.

More from Medium

Phishing vs Smishing vs Vishing: What’s the Difference and How Do I Avoid Becoming a Victim?

Fish hook pulling a username and password image from a computer screen.

Are your employees the weakest link in your network security?

HackTheBox | Meow

Preparing for CompTIA PenTest+