Exploit false server easily slips in front of NextDNS

This had zero trouble installing itself and circumventing NextDNS on iPhone iOS 16.7.

https://www.virustotal.com/gui/file/00013e35e919159de6c3fa8a2c6abeecce8f8b3caae242994ed7874f11a665da/behavior
 

Mine specifically came from this HTTP request:

http://ocsp.pki.goog/gts1c3/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTHLnmK3f9hNLO67UdCuLvGwCQHYwQUinR

These requests are typically from OCSP servers: DigiCert, pki.goog, amazontrust and others. Related to EMOTET and WANNACRY attacks, I've started a pulse on pki.goog here: https://otx.alienvault.com/pulse/650b22b488fd536495791218
 

Also updating URLs and IPs on Pulsedive and VirusTotal. Right now, without a complete reset, NextDNS won't function. Woo. Now I get all the spyware again.
