Aside from leveraging dynamic IP addresses, Fox Kitten also sought to conceal its attack infrastructure through broad deployment across Autonomous Systems and spurious certificate names, according to the Censys report, which was based on data from the joint warning issued by the FBI, the Cybersecurity and Infrastructure Security Agency, and the Department of Defense Cyber Crime Center. Further analysis revealed a pair of domain IOCs not previously detailed in the joint cybersecurity advisory, similarities in geolocations and Autonomous System numbers among the hosts, and over 38,000 similar hosts suspected to be malicious.
Source: SC Magazine