{"id":5612,"date":"2020-10-07T11:08:01","date_gmt":"2020-10-07T18:08:01","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5612"},"modified":"2024-08-07T12:23:16","modified_gmt":"2024-08-07T19:23:16","slug":"realistic-delivery-notices-drop-dridex-banking-trojan","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/","title":{"rendered":"Realistic Delivery Notices Drop Dridex Banking Trojan"},"content":{"rendered":"<p><strong>Author: Eric Patterson<\/strong><\/p>\n<p><strong>TLP: WHITE<\/strong><\/p>\n<p>On 24 September, Infoblox observed a malicious spam (malspam) email campaign distributing the Dridex banking trojan via emails spoofing FedEx package delivery notifications.<sup>1<\/sup><\/p>\n<p>In previously reported Dridex campaigns, the emails masqueraded as notifications from other legitimate companies such as Automatic Data Processing, Inc. (ADP), eFax, and Intuit.<sup>2,3,4<\/sup><\/p>\n<p>Dridex was first discovered in 2011 and has consistently been one of the most prolific banking trojans on the market.<sup>5<\/sup> Threat actors typically favor this malware for large scale, financially-motivated malspam campaigns.<\/p>\n<p>Once a victim is infected, Dridex uses its core functionalities of website injections and form grabbing to siphon online banking credentials and pilfer funds from the victims.<\/p>\n<p>Emails in this campaign imitate FedEx Shipment delivery notifications with subject lines containing <em>FedEx Shipment &lt;fake 12-digit tracking number&gt;: Delivered.<\/em> The message body itself uses HTML formatting to mimic the layout, format, and style of a standard FedEx delivery email. By all measurable standards, the malicious message body appears identical to legitimate emails sent by FedEx.<\/p>\n<p>The email senders are slight variations of FedEx\u2019s legitimate email accounts.<\/p>\n<p>The email infrastructure for delivering the Dridex malware includes fraudulent sites with a wide range of top-level domains (TLDs). The registration information for the associated domains also makes use of various registrars and nameservers with no discernable pattern or preference.<\/p>\n<p>Infoblox\u2019s full report on this campaign will be available soon on our\u00a0<a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\">Threat Intelligence Reports<\/a> page.<\/p>\n<p><strong>Endnotes<\/strong><\/p>\n<ol>\n<li><a href=\"https:\/\/www.malware-traffic-analysis.net\/2020\/09\/24\/index.html\">https:\/\/www.malware-traffic-analysis.net\/2020\/09\/24\/index.html<\/a><\/li>\n<li><a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--51\">https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence&#8211;51<\/a><\/li>\n<li><a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--19\">https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence&#8211;19<\/a><\/li>\n<li><a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence--72\">https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence&#8211;72<\/a><\/li>\n<li><a href=\"https:\/\/www.globenewswire.com\/news-release\/2020\/04\/09\/2014156\/0\/en\/March-2020-s-Most-Wanted-Malware-Dridex-Banking-Trojan-Ranks-On-Top-Malware-List-For-First-Time.html\">https:\/\/www.globenewswire.com\/news-release\/2020\/04\/09\/2014156\/0\/en\/March-2020-s-Most-Wanted-Malware-Dridex-Banking-Trojan-Ranks-On-Top-Malware-List-For-First-Time.html<\/a><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Author: Eric Patterson TLP: WHITE On 24 September, Infoblox observed a malicious spam (malspam) email campaign distributing the Dridex banking trojan via emails spoofing FedEx package delivery notifications.1 In previously reported Dridex campaigns, the emails masqueraded as notifications from other legitimate companies such as Automatic Data Processing, Inc. (ADP), eFax, and Intuit.2,3,4 Dridex was first [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":4104,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[294,260,189],"class_list":{"0":"post-5612","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-malspam","9":"tag-trojan","10":"tag-cybersecurity","11":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Realistic Delivery Notices Drop Dridex Banking Trojan<\/title>\n<meta name=\"description\" content=\"On 24 September, Infoblox observed a malicious spam (malspam) email campaign distributing the Dridex banking trojan via emails spoofing FedEx package delivery notifications.\u00a0In previously reported Dridex campaigns, the emails masqueraded as notifications from other legitimate companies such as Automatic Data Processing, Inc. (ADP), eFax, and Intuit.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Realistic Delivery Notices Drop Dridex Banking Trojan\" \/>\n<meta property=\"og:description\" content=\"On 24 September, Infoblox observed a malicious spam (malspam) email campaign distributing the Dridex banking trojan via emails spoofing FedEx package delivery notifications.\u00a0In previously reported Dridex campaigns, the emails masqueraded as notifications from other legitimate companies such as Automatic Data Processing, Inc. (ADP), eFax, and Intuit.\u00a0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-07T18:08:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-07T19:23:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/default-blog-featured-img.png\" \/>\n\t<meta property=\"og:image:width\" content=\"725\" \/>\n\t<meta property=\"og:image:height\" content=\"483\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"Realistic Delivery Notices Drop Dridex Banking Trojan\",\"datePublished\":\"2020-10-07T18:08:01+00:00\",\"dateModified\":\"2024-08-07T19:23:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/\"},\"wordCount\":278,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/default-blog-featured-img.png\",\"keywords\":[\"Malspam\",\"Trojan\",\"Cybersecurity\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/\",\"name\":\"Realistic Delivery Notices Drop Dridex Banking Trojan\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/default-blog-featured-img.png\",\"datePublished\":\"2020-10-07T18:08:01+00:00\",\"dateModified\":\"2024-08-07T19:23:16+00:00\",\"description\":\"On 24 September, Infoblox observed a malicious spam (malspam) email campaign distributing the Dridex banking trojan via emails spoofing FedEx package delivery notifications.\u00a0In previously reported Dridex campaigns, the emails masqueraded as notifications from other legitimate companies such as Automatic Data Processing, Inc. (ADP), eFax, and Intuit.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/default-blog-featured-img.png\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/default-blog-featured-img.png\",\"width\":725,\"height\":483},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/realistic-delivery-notices-drop-dridex-banking-trojan\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Realistic Delivery Notices Drop Dridex Banking Trojan\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Realistic Delivery Notices Drop Dridex Banking Trojan","description":"On 24 September, Infoblox observed a malicious spam (malspam) email campaign distributing the Dridex banking trojan via emails spoofing FedEx package delivery notifications.\u00a0In previously reported Dridex campaigns, the emails masqueraded as notifications from other legitimate companies such as Automatic Data Processing, Inc. (ADP), eFax, and Intuit.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/","og_locale":"en_US","og_type":"article","og_title":"Realistic Delivery Notices Drop Dridex Banking Trojan","og_description":"On 24 September, Infoblox observed a malicious spam (malspam) email campaign distributing the Dridex banking trojan via emails spoofing FedEx package delivery notifications.\u00a0In previously reported Dridex campaigns, the emails masqueraded as notifications from other legitimate companies such as Automatic Data Processing, Inc. (ADP), eFax, and Intuit.\u00a0","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/","og_site_name":"Infoblox Blog","article_published_time":"2020-10-07T18:08:01+00:00","article_modified_time":"2024-08-07T19:23:16+00:00","og_image":[{"width":725,"height":483,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/default-blog-featured-img.png","type":"image\/png"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"Realistic Delivery Notices Drop Dridex Banking Trojan","datePublished":"2020-10-07T18:08:01+00:00","dateModified":"2024-08-07T19:23:16+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/"},"wordCount":278,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/default-blog-featured-img.png","keywords":["Malspam","Trojan","Cybersecurity"],"articleSection":["Infoblox Threat Intel"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/","name":"Realistic Delivery Notices Drop Dridex Banking Trojan","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/default-blog-featured-img.png","datePublished":"2020-10-07T18:08:01+00:00","dateModified":"2024-08-07T19:23:16+00:00","description":"On 24 September, Infoblox observed a malicious spam (malspam) email campaign distributing the Dridex banking trojan via emails spoofing FedEx package delivery notifications.\u00a0In previously reported Dridex campaigns, the emails masqueraded as notifications from other legitimate companies such as Automatic Data Processing, Inc. (ADP), eFax, and Intuit.\u00a0","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/default-blog-featured-img.png","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/default-blog-featured-img.png","width":725,"height":483},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/realistic-delivery-notices-drop-dridex-banking-trojan\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"Realistic Delivery Notices Drop Dridex Banking Trojan"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5612","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5612"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5612\/revisions"}],"predecessor-version":[{"id":5613,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5612\/revisions\/5613"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/4104"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5612"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5612"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5612"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}