{"id":5816,"date":"2020-12-22T10:06:55","date_gmt":"2020-12-22T18:06:55","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=5816"},"modified":"2024-04-26T13:21:00","modified_gmt":"2024-04-26T20:21:00","slug":"malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/","title":{"rendered":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger"},"content":{"rendered":"<p><strong>Author: Victor Sandin<br \/>\n<\/strong><strong>TLP: WHITE<\/strong><\/p>\n<p>Between 13 and 14 December, Infoblox observed a malicious spam (malspam) email campaign distributing Agent Tesla keylogger<sup>1 <\/sup>via a Microsoft Excel spreadsheet (XLS) with malicious macros. In this campaign, threat actor(s) sent emails spoofing communication from Gopaldas &amp; Sons (also Gopal Das &amp; Sons, both of which represent several large companies in India).<\/p>\n<p>Agent Tesla is a credential-stealing malware that was first discovered in 2004. It is sold through a subscription-based license on its official website, and according to Threatpost, it has been one of the most popular malware variants in 2020.<sup>2<\/sup> Agent Tesla\u2019s main capabilities include:<\/p>\n<ul>\n<li>Keylogging;<\/li>\n<li>Harvesting configuration data and credentials from VPN, FTP and email clients, as well as from web browsers;<\/li>\n<li>Collecting system information;<\/li>\n<li>Transmitting stolen data to its command and control (C&amp;C) via SMTP or FTP; and<\/li>\n<li>Evading detection and analysis through strong cryptography protocols.<\/li>\n<\/ul>\n<p>In this campaign, the threat actor(s) distributed emails that impersonated a Gopaldas &amp; Sons purchasing manager with the sender address <em>lv@gopaldas-sons[.]com<\/em> and subject line <em>Tool kit Lugdivine new order<\/em>. The email bodies claimed that the attached file, <em>RFQ Gopaldas selection.xls<\/em>, contained a compiled collection of their products.<\/p>\n<p>Infoblox\u2019s full report on this campaign will be available soon on our\u00a0<a href=\"https:\/\/insights.infoblox.com\/threat-intelligence-reports\">Threat Intelligence Reports<\/a> page.<\/p>\n<p><strong>Endnotes<\/strong><\/p>\n<ol>\n<li><a href=\"https:\/\/labs.sentinelone.com\/agent-tesla-old-rat-uses-new-tricks-to-stay-on-top\/\">https:\/\/labs.sentinelone.com\/agent-tesla-old-rat-uses-new-tricks-to-stay-on-top\/<\/a><\/li>\n<li><a href=\"https:\/\/threatpost.com\/agent-tesla-spyware-tricks-arsenal\/158284\/\">https:\/\/threatpost.com\/agent-tesla-spyware-tricks-arsenal\/158284\/<\/a><\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Author: Victor Sandin TLP: WHITE Between 13 and 14 December, Infoblox observed a malicious spam (malspam) email campaign distributing Agent Tesla keylogger1 via a Microsoft Excel spreadsheet (XLS) with malicious macros. In this campaign, threat actor(s) sent emails spoofing communication from Gopaldas &amp; Sons (also Gopal Das &amp; Sons, both of which represent several large [&hellip;]<\/p>\n","protected":false},"author":397,"featured_media":1894,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[254],"tags":[400,189,375,374,294,399],"class_list":{"0":"post-5816","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threat-intelligence","8":"tag-agent-tesla","9":"tag-cybersecurity","10":"tag-enterprise","11":"tag-enterprises","12":"tag-malspam","13":"tag-tesla-keylogger","14":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger<\/title>\n<meta name=\"description\" content=\"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger. Between 13 and 14 December, Infoblox observed a malicious spam (malspam) email campaign distributing Agent Tesla keylogger1 via a Microsoft Excel spreadsheet (XLS) with malicious macros. In this campaign, threat actor(s) sent emails spoofing communication from Gopaldas &amp; Sons (also Gopal Das &amp; Sons, both of which represent several large companies in India).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger\" \/>\n<meta property=\"og:description\" content=\"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger. Between 13 and 14 December, Infoblox observed a malicious spam (malspam) email campaign distributing Agent Tesla keylogger1 via a Microsoft Excel spreadsheet (XLS) with malicious macros. In this campaign, threat actor(s) sent emails spoofing communication from Gopaldas &amp; Sons (also Gopal Das &amp; Sons, both of which represent several large companies in India).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-22T18:06:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:21:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/feb-25.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger\",\"datePublished\":\"2020-12-22T18:06:55+00:00\",\"dateModified\":\"2024-04-26T20:21:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/\"},\"wordCount\":233,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/feb-25.jpg\",\"keywords\":[\"agent tesla\",\"Cybersecurity\",\"enterprise\",\"enterprises\",\"Malspam\",\"tesla keylogger\"],\"articleSection\":[\"Infoblox Threat Intel\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/\",\"name\":\"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/feb-25.jpg\",\"datePublished\":\"2020-12-22T18:06:55+00:00\",\"dateModified\":\"2024-04-26T20:21:00+00:00\",\"description\":\"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger. Between 13 and 14 December, Infoblox observed a malicious spam (malspam) email campaign distributing Agent Tesla keylogger1 via a Microsoft Excel spreadsheet (XLS) with malicious macros. In this campaign, threat actor(s) sent emails spoofing communication from Gopaldas & Sons (also Gopal Das & Sons, both of which represent several large companies in India).\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/feb-25.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/feb-25.jpg\",\"width\":660,\"height\":454,\"caption\":\"DISA STIG Compliance for the Enterprise Network\u2026Really?\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger","description":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger. Between 13 and 14 December, Infoblox observed a malicious spam (malspam) email campaign distributing Agent Tesla keylogger1 via a Microsoft Excel spreadsheet (XLS) with malicious macros. In this campaign, threat actor(s) sent emails spoofing communication from Gopaldas & Sons (also Gopal Das & Sons, both of which represent several large companies in India).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/","og_locale":"en_US","og_type":"article","og_title":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger","og_description":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger. Between 13 and 14 December, Infoblox observed a malicious spam (malspam) email campaign distributing Agent Tesla keylogger1 via a Microsoft Excel spreadsheet (XLS) with malicious macros. In this campaign, threat actor(s) sent emails spoofing communication from Gopaldas & Sons (also Gopal Das & Sons, both of which represent several large companies in India).","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/","og_site_name":"Infoblox Blog","article_published_time":"2020-12-22T18:06:55+00:00","article_modified_time":"2024-04-26T20:21:00+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/feb-25.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger","datePublished":"2020-12-22T18:06:55+00:00","dateModified":"2024-04-26T20:21:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/"},"wordCount":233,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/feb-25.jpg","keywords":["agent tesla","Cybersecurity","enterprise","enterprises","Malspam","tesla keylogger"],"articleSection":["Infoblox Threat Intel"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/","name":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/feb-25.jpg","datePublished":"2020-12-22T18:06:55+00:00","dateModified":"2024-04-26T20:21:00+00:00","description":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger. Between 13 and 14 December, Infoblox observed a malicious spam (malspam) email campaign distributing Agent Tesla keylogger1 via a Microsoft Excel spreadsheet (XLS) with malicious macros. In this campaign, threat actor(s) sent emails spoofing communication from Gopaldas & Sons (also Gopal Das & Sons, both of which represent several large companies in India).","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/feb-25.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/feb-25.jpg","width":660,"height":454,"caption":"DISA STIG Compliance for the Enterprise Network\u2026Really?"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/malspam-sender-spoofing-indian-companies-drops-agent-tesla-keylogger\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"Malspam Sender Spoofing Indian Companies Drops Agent Tesla Keylogger"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5816","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=5816"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5816\/revisions"}],"predecessor-version":[{"id":5817,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/5816\/revisions\/5817"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/1894"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=5816"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=5816"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=5816"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}