Slide 20
Slide 20 text
www.leocybersecurity.com 20
GTO-CERT
• Reported this IP as being associated with M2M – Malspam
• Spreads VB/Trojan.Valyria
Domaintools
• 477,068 websites use this address
• IP location – Bodis, LLC, New York
• AS395082 BODIS-NJ
OpenDNS
• 612 malicious domains being blocked
Ransomware Tracker
• Ransomware infrastructure associated with IP: 9
IBM X-Force
• Anonymization Services (43%), Malware (43%), Botnet C2 (29%)
• Comment: Bodis, LLC operates a domain name monetization
platform
Also: ThreatMiner, Cymon, AbuseIPB, OTX, ThreatCrowd
Day 1 @ 7:00pm – 8:00pm
THIRD-PARTY TOOL INTEL