{"id":5332,"date":"2020-07-01T11:07:47","date_gmt":"2020-07-01T18:07:47","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5332"},"modified":"2024-04-26T13:21:22","modified_gmt":"2024-04-26T20:21:22","slug":"blm-themed-malspam-delivers-trickbot-banking-trojan","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/","title":{"rendered":"BLM-Themed Malspam Delivers Trickbot Banking Trojan"},"content":{"rendered":"<p>Author: Eric Patterson<br \/>\nTLP: WHITE<\/p>\n<p>On 25 June, Infoblox observed a Black Lives Matters (BLM)-themed malicious spam (malspam) campaign delivering Trickbot malware.<sup>1,2,3<\/sup> The previous Trickbot campaign we wrote about employed an email lure that spoofed an alert from the World Health Organization regarding the Coronavirus pandemic.<sup>4<\/sup><\/p>\n<p>Trickbot infects victims, steals sensitive financial information, and exfiltrates it to its command and control (C2) server. It can also move laterally within a network by brute-forcing Remote Desktop Protocol (RDP) credentials. Threat actors favor Trickbot due to its modular nature, which facilitates customization and provides attackers the capability to drop additional malware on an infected system.<\/p>\n<p>The emails we observed in this campaign all portrayed themselves to be from official-sounding sources such as the \u201cState Authority\u201d or \u201cCountry Administration,\u201d which do not actually exist.<\/p>\n<p>The email subject lines varied, asking the recipient to vote on or express how they felt about the BLM movement. The message bodies followed this theme, asking recipients to anonymously leave their reviews on the subject matter. The bodies also indicated that some sort of claim was attached. The accompanying files were Microsoft Word documents that followed the naming scheme:\u00a0<em>e-vote_form &lt;4-5 digits&gt;.doc<\/em>.<\/p>\n<p>Infoblox\u2019s full report on this campaign will be available soon on our <a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\">Threat Intelligence Reports<\/a> page.<\/p>\n<p><strong>Endnotes<\/strong><\/p>\n<ol>\n<li><a href=\"https:\/\/twitter.com\/malware_traffic\/status\/1276193322999123972\">https:\/\/twitter.com\/malware_traffic\/status\/1276193322999123972<\/a><\/li>\n<li><a href=\"https:\/\/twitter.com\/abuse_ch\/status\/1275526243404972034\">https:\/\/twitter.com\/abuse_ch\/status\/1275526243404972034<\/a><\/li>\n<li><a href=\"https:\/\/news.zepko.com\/black-lives-matter-email-campaign-delivers-trickbot-malware\/\">https:\/\/news.zepko.com\/black-lives-matter-email-campaign-delivers-trickbot-malware\/<\/a><\/li>\n<li><a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--66\">https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence&#8211;66<\/a><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Author: Eric Patterson TLP: WHITE On 25 June, Infoblox observed a Black Lives Matters (BLM)-themed malicious spam (malspam) campaign delivering Trickbot malware.1,2,3 The previous Trickbot campaign we wrote about employed an email lure that spoofed an alert from the World Health Organization regarding the Coronavirus pandemic.4 Trickbot infects victims, steals sensitive financial information, and exfiltrates [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":3324,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[294,32,295,260],"class_list":{"0":"post-5332","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-malspam","9":"tag-malware","10":"tag-trickbot","11":"tag-trojan","12":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>BLM-Themed Malspam Delivers Trickbot Banking Trojan<\/title>\n<meta name=\"description\" content=\"On 25 June, Infoblox observed a Black Lives Matters (BLM)-themed malicious spam (malspam) campaign delivering Trickbot malware.The previous Trickbot campaign we wrote about employed an email lure that spoofed an alert from the World Health Organization regarding the Coronavirus pandemic.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"BLM-Themed Malspam Delivers Trickbot Banking Trojan\" \/>\n<meta property=\"og:description\" content=\"On 25 June, Infoblox observed a Black Lives Matters (BLM)-themed malicious spam (malspam) campaign delivering Trickbot malware.The previous Trickbot campaign we wrote about employed an email lure that spoofed an alert from the World Health Organization regarding the Coronavirus pandemic.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-01T18:07:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:21:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/top-10-dns-attacks.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"BLM-Themed Malspam Delivers Trickbot Banking Trojan\",\"datePublished\":\"2020-07-01T18:07:47+00:00\",\"dateModified\":\"2024-04-26T20:21:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/\"},\"wordCount\":247,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/top-10-dns-attacks.jpg\",\"keywords\":[\"Malspam\",\"Malware\",\"trickbot\",\"Trojan\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/\",\"name\":\"BLM-Themed Malspam Delivers Trickbot Banking Trojan\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/top-10-dns-attacks.jpg\",\"datePublished\":\"2020-07-01T18:07:47+00:00\",\"dateModified\":\"2024-04-26T20:21:22+00:00\",\"description\":\"On 25 June, Infoblox observed a Black Lives Matters (BLM)-themed malicious spam (malspam) campaign delivering Trickbot malware.The previous Trickbot campaign we wrote about employed an email lure that spoofed an alert from the World Health Organization regarding the Coronavirus pandemic.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/top-10-dns-attacks.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/top-10-dns-attacks.jpg\",\"width\":660,\"height\":454},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/blm-themed-malspam-delivers-trickbot-banking-trojan\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"BLM-Themed Malspam Delivers Trickbot Banking Trojan\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"BLM-Themed Malspam Delivers Trickbot Banking Trojan","description":"On 25 June, Infoblox observed a Black Lives Matters (BLM)-themed malicious spam (malspam) campaign delivering Trickbot malware.The previous Trickbot campaign we wrote about employed an email lure that spoofed an alert from the World Health Organization regarding the Coronavirus pandemic.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/","og_locale":"en_US","og_type":"article","og_title":"BLM-Themed Malspam Delivers Trickbot Banking Trojan","og_description":"On 25 June, Infoblox observed a Black Lives Matters (BLM)-themed malicious spam (malspam) campaign delivering Trickbot malware.The previous Trickbot campaign we wrote about employed an email lure that spoofed an alert from the World Health Organization regarding the Coronavirus pandemic.","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/","og_site_name":"Infoblox Blog","article_published_time":"2020-07-01T18:07:47+00:00","article_modified_time":"2024-04-26T20:21:22+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/top-10-dns-attacks.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"BLM-Themed Malspam Delivers Trickbot Banking Trojan","datePublished":"2020-07-01T18:07:47+00:00","dateModified":"2024-04-26T20:21:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/"},"wordCount":247,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/top-10-dns-attacks.jpg","keywords":["Malspam","Malware","trickbot","Trojan"],"articleSection":["Infoblox Threat Intel"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/","name":"BLM-Themed Malspam Delivers Trickbot Banking Trojan","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/top-10-dns-attacks.jpg","datePublished":"2020-07-01T18:07:47+00:00","dateModified":"2024-04-26T20:21:22+00:00","description":"On 25 June, Infoblox observed a Black Lives Matters (BLM)-themed malicious spam (malspam) campaign delivering Trickbot malware.The previous Trickbot campaign we wrote about employed an email lure that spoofed an alert from the World Health Organization regarding the Coronavirus pandemic.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/top-10-dns-attacks.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/top-10-dns-attacks.jpg","width":660,"height":454},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/blm-themed-malspam-delivers-trickbot-banking-trojan\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"BLM-Themed Malspam Delivers Trickbot Banking Trojan"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5332","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5332"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5332\/revisions"}],"predecessor-version":[{"id":5333,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5332\/revisions\/5333"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/3324"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5332"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5332"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5332"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}