ThreatBook
@ThreatBookLabs
Followers: 4K
Following: 202
Media: 2K
Statuses: 2K
Expert in cyber threat detection and response. Detect and respond to threats fast with high-fidelity, efficient, actionable security intelligence.
Global
Joined October 2015
Threat Alert: #Kimsuky — New Phishing Assets (Linked to 27[.]102[.]138[.]163) IP: 27[.]102[.]138[.]163 Domains: ciliuicnck[.]mydns[.]bz ifcolnvfim[.]mydns[.]bz inyoiurnfo[.]mydns[.]bz ThreatBook Intelligence: https://t.co/tUsRPpufeY
Threat Alert: #Konni — Compromised Site Used for Data Collection Compromised Host: vintashmarket[.]com ThreatBook Intelligence: https://t.co/nMsnesAIxB
Threat Alert: #SideCopy — New DLL Sample Observed C2: wmiprovider[.]com ThreatBook Intelligence: https://t.co/l2oS5ExgZr
Threat Alert: #CharmingKitten — New Phishing Asset Linked to Known C2 - likely a credential-harvesting/phishing landing. IP: 185[.]132[.]176[.]27 Domain: short-abbreviate[.]info ThreatBook Intelligence: https://t.co/lnjc8CqUj9
🎉 We’re proud to share that ThreatBook has been recognized once again as a Strong Performer in the 2025 Gartner® Peer Insights™ Voice of the Customer for Network Detection and Response (NDR) — marking our third consecutive year of recognition. https://t.co/SZEuUNFI59
Threat Alert: #MuddyWater — Phoenix Backdoor C2 Activity Observed C2 / Compromised Hosts: support[.]micsoft[.]store fourdjecem[.]shop poundpills[.]com IP: 64[.]7[.]198[.]12 ThreatBook Intelligence: https://t.co/VIFMs5wA3G
Domains 2/2: logllisyou[.]mydns[.]bz cailteve[.]mydns[.]bz ntilink[.]mydns[.]bz infillog[.]mydns[.]bz isyoiurnfo[.]mydns[.]bz nideeyou[.]mydns[.]bz incoincfim[.]mydns[.]bz caliucnck[.]mydns[.]bz veraity[.]mydns[.]bz sevilrverif[.]mydns[.]bz [2/2]
Threat Alert: #Kimsuky — New Dynamic-DDNS Assets Observed (tied to 27[.]102[.]138[.]181) IP: 27[.]102[.]138[.]181 Domains 1/2: icoincfim[.]mydns[.]bz cailiucnck[.]mydns[.]bz sevilverif[.]mydns[.]bz vernity[.]mydns[.]bz ThreatBook Intelligence: https://t.co/rmElf6ncsG [1/2]
Threat Alert: #Kimsuky — New Phishing Assets Observed Host/IP: 141[.]164[.]63[.]16 Domain: cailtteve[.]mydns[.]bz Host/IP: 158[.]247[.]220[.]229 Domains: navrlogen[.]live-on[.]net cailtteve[.]live-on[.]net ThreatBook Intelligence: https://t.co/7dYpYle9Xw
https://t.co/8ZML9KgL7L
Threat Alert: #Konni — Compromised Sites for Data Collection Domains: leakyleaks[.]us jal[.]dumaroc[.]ovh b2bdoreka[.]com simso[.]co[.]za ThreatBook Intelligence: https://t.co/Cn5pWunOWQ
Threat Alert: #Konni — Compromised Sites for Data Collection Domains: michelemiele[.]com ogw-srl[.]com ThreatBook Intelligence: https://t.co/lA26Dmwcac
Threat Alert: #Kimsuky — New Phishing Assets Observed IP: 27[.]102[.]138[.]181 Domains: isyournfo[.]mydns[.]bz inconfim[.]mydns[.]bz lognisyou[.]mydns[.]bz and additional dynamic-DDNS hostnames observed ThreatBook Intelligence: https://t.co/xugq6D56fW
Threat Alert: #CharmingKitten: New C2 Hostname on Known Asset. IP: 185[.]132[.]176[.]27 New C2 Hostname: videozoom[.]ddns[.]net ThreatBook Intelligence: https://t.co/goCp3ytL2E
Threat Alert: #donot — Info TLD Domains Registered for C2 Abuse. Newly registered .info domains likely reserved for C2/backdoor control. Domains: uptonox[.]info gilbertfix[.]info uptofixbi[.]info keeznoted[.]info servzkeeps[.]info ThreatBook Intelligence: https://t.co/jF2f8grOSa
Threat Alert: #SideCopy: New Malware Sample Observed. Sample uses a typosquatted C2. Hash: 5d5ae0671130f0b8232e4e426d88fb4fa42f50e86b7a016a92b89c4181528ad3 C2 Domain: windowsdns[.]com ThreatBook Intelligence: https://t.co/ov6dsZetm0
Security teams need clarity, not noise. That’s why ThreatBook ATI makes it simple to generate threat landscape reports that align directly to your organization’s risks. See the feature in action: https://t.co/Bj9Ogvkdaa
With ThreatBook ATI, you can: ✅ Build customized threat landscapes in minutes ✅ Gain APAC-informed insights with global context ✅ Strengthen detection and response with intelligence that matters Explore the platform:
threatbook.io
Discover ThreatBook ATI, the advanced threat intelligence platform with global and APAC insights. Delivering 99.9% accurate, actionable intelligence to empower security teams.
What if you could build a customized threat landscape report in minutes? With ThreatBook ATI, you can. Here’s how: https://t.co/y6EHoT0PMs
🚀 We’re excited to announce the launch of ThreatBook ATI! With ThreatBook ATI, defenders gain tailored threat landscapes that connect adversary profiles, technical indicators, and real-world activity, helping SOC teams focus on what matters most. https://t.co/zLtzINvoKO
blog.threatbook.io
ThreatBook launches ATI, a low false positive threat intelligence solution offering APAC-specific insights, compatible with existing security stacks for enhanced threat detection and response.
Threat Alert: #Konni — Compromised Site for Data Collection Domain: heydenlloyd[.]com Analyst Note: Legitimate site appears compromised and repurposed to collect victim data. ThreatBook Intelligence: https://t.co/RoOg1y2gdb