240 Top Microsoft-Hosted Subdomains Hacked to Spread Malware

UNESCO, the Red Cross, Siemens, Xerox, 3M and others are also on the list of affected subdomains.

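Cybercriminals hijacked more than 240 websites belonging to some of the world's best-known organizations and brands, mainly to steer users into downloading unexpected content such as malware, malicious Chrome extensions, online gambling and adult content.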

The reason these websites were so easy to hijack is the way the Microsoft Azure cloud hosts them.

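Some of the hijacked websites are household names, including Warner Bros., UNESCO, Toshiba, Xerox, Getty Images, the Red Cross, Volvo, Honeywell, Hawaiian Airlines, Clear Channel, Siemens, Autodesk, Arm, 3M, the UK National Health Service and Total (the full list is at the end of this article).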

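The hijacked domains were reported by Zach Edwards, who notified Microsoft and the affected companies and organizations about the issue in June. Edwards, co-founder of the analytics firm Victory Medium, notified universities and government agencies first, then the other companies.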

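According to Edwards, most of the subdomains were taken over by a single group, which he believes has been active for five years. According to his analysis, the group is backed by an international crime syndicate and is far more sophisticated than expected.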

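"This is clearly automated: they have hit a large number of organizations and uploaded a large amount of malware. I have warned some organizations that their biggest fear should be this legacy group teaming up with other, more destructive groups," Edwards told The Register.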

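In addition, Edwards assesses that after hijacking a subdomain the hackers try to hide their presence by displaying "coming soon" 404 error messages on the root URL. About 20% of the subdomains he reported have been shut down.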


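The bigger problem, however, is that these sites' DNS entries were hijacked mainly because of the way the Azure cloud hosts them. This is a common problem for websites hosted on Azure Cloud.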

The list of compromised domains shared by Edwards is as follows:

Hackread.com advises readers not to visit these domains, as they may infect your device.


(Source: HackRead)