jordiserrano.meClickFixKAIROSIntelTracker
Panel de inteligencia » APTTrail: APT DRIFTINGCLOUD indicators and references

APTTrail: APT DRIFTINGCLOUD indicators and references

Ioc 1 min lectura apt-driftingcloud
Fecha
18 Jun 2026
Actor
apt-driftingcloud
Tipo
Ioc
Pais
Unknown
Sector
-
Confianza
high
100
Prioridad analitica
Alta

Basado en actor, pais, IOCs, TTPs, filtracion y calidad de contexto.

14IOCs
0TTPs
apt-driftingcloudActor
UnknownPais
Executive Summary
APTTrail mantiene indicadores publicos asociados a APT DRIFTINGCLOUD. Aliases observados: APT DRIFTINGCLOUD. Conteo por tipo: domain: 4, url: 8.

Key Points

  • https://github.com/volexity/threat-intel/blob/main/2022/2022-06-15%20DriftingCloud%20-%20Zero-Day%20Sophos%20Firewall%20Exploitation%20and%20an%20Insidious%20Breach/indicators/indicators.csv
  • https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/

Resumen APTTrail

APTTrail mantiene indicadores publicos asociados a APT DRIFTINGCLOUD. Aliases observados: APT DRIFTINGCLOUD. Conteo por tipo: domain: 4, url: 8.

Indicadores de Compromiso (IOCs)

TipoValorContexto
Domainakamprod.comAPTTrail
Domaingoogleanalytics.proxydns.comAPTTrail
Domainservusers.comAPTTrail
Domainu2d.servusers.comAPTTrail
URLhttp://158.247.200.24APTTrail
URLhttp://180.149.38.136APTTrail
URLhttp://185.82.218.66APTTrail
URLhttp://192.248.152.58APTTrail
URLhttp://209.250.231.67APTTrail
URLhttp://5.188.228.40APTTrail
URLhttp://95.85.71.20APTTrail
URLhttp://95.85.71.23APTTrail

Referencias

Diamond Model

Adversary
apt-driftingcloud
Ver perfil →
Victim
APTTrail: APT DRIFTINGCLOUD indicators and references
Capability
Ioc
Infrastructure
akamprod.com
googleanalytics.proxydns.com
servusers.com
u2d.servusers.com

Indicadores de Compromiso (IOCs)

TipoValorContextoOSINT
Domain akamprod.com APTTrail VT OffSec SOCRadar
Domain googleanalytics.proxydns.com APTTrail VT OffSec SOCRadar
Domain servusers.com APTTrail VT OffSec SOCRadar
Domain u2d.servusers.com APTTrail VT OffSec SOCRadar
URL http://158.247.200.24 APTTrail VT OffSec SOCRadar
URL http://180.149.38.136 APTTrail VT OffSec SOCRadar
URL http://185.82.218.66 APTTrail VT OffSec SOCRadar
URL http://192.248.152.58 APTTrail VT OffSec SOCRadar
URL http://209.250.231.67 APTTrail VT OffSec SOCRadar
URL http://5.188.228.40 APTTrail VT OffSec SOCRadar
URL http://95.85.71.20 APTTrail VT OffSec SOCRadar
URL http://95.85.71.23 APTTrail VT OffSec SOCRadar
Domain github.com Extraido del contenido VT OffSec SOCRadar
Domain www.volexity.com Extraido del contenido VT OffSec SOCRadar

Referencias y enlaces

→ Perfil del actor apt-driftingcloud en el blog → Ver apt-driftingcloud en IntelTracker → URL IntelTracker: github.com→ URL IntelTracker: www.volexity.com → Fuente OSINT: github.com→ Fuente OSINT: raw.githubusercontent.com→ Fuente OSINT: github.com→ Fuente OSINT: www.volexity.com → Buscar apt-driftingcloud en APTTrail → Repositorio APTTrail → Buscar en Google News → Analizar en VirusTotal → Feed RSS del blog
← Volver al panel de inteligencia

Incidentes recientes

June 2026 Stealer Logs18 Jun 2026 · breach CFGI18 Jun 2026 · breach Berkadia18 Jun 2026 · breach Infinite Campus18 Jun 2026 · breach Horizon Family Medical Group18 Jun 2026 · incransom www.wolfconstruction.net18 Jun 2026 · lynx Amazon owned OneMedical.com18 Jun 2026 · shinyhunters NAIC.org18 Jun 2026 · shinyhunters