{"id":6475,"date":"2021-07-07T15:23:04","date_gmt":"2021-07-07T22:23:04","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=6475"},"modified":"2024-04-26T13:20:34","modified_gmt":"2024-04-26T20:20:34","slug":"malspam-rtf-files-drop-formbook-infostealer","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/","title":{"rendered":"Malspam RTF Files Drop Formbook Infostealer"},"content":{"rendered":"

Author: Nathan Toporek<\/strong><\/h3>\n

TLP: WHITE<\/strong><\/h3>\n

On July 2, Infoblox observed a malicious email campaign that distributes Formbook malware via weaponized Rich Text Format (RTF) files. Emails in this campaign come from someone who appears to be interested in purchasing goods that the recipient might be selling.<\/p>\n

Infoblox has reported on Formbook campaigns several times in the past.1<\/sup>,<\/sup>2<\/sup>,<\/sup>3<\/sup>,<\/sup>4<\/sup> The campaigns usually leverage financial themes, last year also Coronavirus-related messaging, as well as other current topics to lure victims into opening malicious file attachments.\u00a0<\/strong><\/p>\n

Formbook is a well-known infostealer and form-grabber malware, and it is sold as malware-as-a-service5<\/sup> (MaaS) in underground forums. It can communicate with command and control (C&C) servers, and it has evasion capabilities, such as process hollowing, webform hijacking, keylogging, and clipboard monitoring.\u00a0<\/strong><\/p>\n

In this campaign, the sender claims to be interested in various products and asks the target to check a list in an attached file. It is an RTF file that exploits CVE-2017-11882 to download and execute Formbook malware.6<\/sup><\/p>\n

Infoblox\u2019s full report on this campaign will be available soon on our Threat Intelligence Reports<\/a> page.\u00a0<\/strong><\/p>\n

Endnotes<\/strong><\/h3>\n
    \n
  1. https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence–91<\/a><\/li>\n
  2. https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence–67<\/a><\/li>\n
  3. https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence–58<\/a><\/li>\n
  4. https:\/\/insights.infoblox.com\/threat-intelligence-reports\/threat-intelligence–117<\/a><\/li>\n
  5. https:\/\/www.blueliv.com\/cyber-security-and-cyber-threat-intelligence-blog-blueliv\/research\/selling-formbook\/<\/a><\/li>\n
  6. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-11882<\/a><\/li>\n<\/ol>\n

     <\/p>\n","protected":false},"excerpt":{"rendered":"

    Author: Nathan Toporek TLP: WHITE On July 2, Infoblox observed a malicious email campaign that distributes Formbook malware via weaponized Rich Text Format (RTF) files. Emails in this campaign come from someone who appears to be interested in purchasing goods that the recipient might be selling. Infoblox has reported on Formbook campaigns several times in […]<\/p>\n","protected":false},"author":397,"featured_media":6702,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[553],"tags":[351,299,294],"class_list":{"0":"post-6475","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber-campaign-briefs","8":"tag-formbook","9":"tag-infostealer","10":"tag-malspam","11":"entry"},"acf":[],"yoast_head":"\nMalspam RTF Files Drop Formbook Infostealer<\/title>\n<meta name=\"description\" content=\"Malspam RTF Files Drop Formbook Infostealer. On July 2, Infoblox observed a malicious email campaign that distributes Formbook malware via weaponized Rich Text Format (RTF) files. Emails in this campaign come from someone who appears to be interested in purchasing goods that the recipient might be selling.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Malspam RTF Files Drop Formbook Infostealer\" \/>\n<meta property=\"og:description\" content=\"Malspam RTF Files Drop Formbook Infostealer. On July 2, Infoblox observed a malicious email campaign that distributes Formbook malware via weaponized Rich Text Format (RTF) files. Emails in this campaign come from someone who appears to be interested in purchasing goods that the recipient might be selling.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-07T22:23:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-26T20:20:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-35.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"344\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Threat Intel\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Threat Intel\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/\"},\"author\":{\"name\":\"Infoblox Threat Intel\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\"},\"headline\":\"Malspam RTF Files Drop Formbook Infostealer\",\"datePublished\":\"2021-07-07T22:23:04+00:00\",\"dateModified\":\"2024-04-26T20:20:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/\"},\"wordCount\":228,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-35.jpg\",\"keywords\":[\"formbook\",\"infostealer\",\"Malspam\"],\"articleSection\":[\"Cyber Campaign Briefs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/\",\"name\":\"Malspam RTF Files Drop Formbook Infostealer\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-35.jpg\",\"datePublished\":\"2021-07-07T22:23:04+00:00\",\"dateModified\":\"2024-04-26T20:20:34+00:00\",\"description\":\"Malspam RTF Files Drop Formbook Infostealer. On July 2, Infoblox observed a malicious email campaign that distributes Formbook malware via weaponized Rich Text Format (RTF) files. Emails in this campaign come from someone who appears to be interested in purchasing goods that the recipient might be selling.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-35.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-35.jpg\",\"width\":612,\"height\":344,\"caption\":\"Malware Detected Warning Screen with abstract binary code 3d digital concept\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/malspam-rtf-files-drop-formbook-infostealer\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Infoblox Threat Intel\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cyber Campaign Briefs\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/threat-intelligence\\\/cyber-campaign-briefs\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Malspam RTF Files Drop Formbook Infostealer\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b6aed8965e3298a0817c16d32c0a67ae\",\"name\":\"Infoblox Threat Intel\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_397_1714162589-96x96.png\",\"caption\":\"Infoblox Threat Intel\"},\"description\":\"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/infoblox-threat-intel\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Malspam RTF Files Drop Formbook Infostealer","description":"Malspam RTF Files Drop Formbook Infostealer. On July 2, Infoblox observed a malicious email campaign that distributes Formbook malware via weaponized Rich Text Format (RTF) files. Emails in this campaign come from someone who appears to be interested in purchasing goods that the recipient might be selling.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/","og_locale":"en_US","og_type":"article","og_title":"Malspam RTF Files Drop Formbook Infostealer","og_description":"Malspam RTF Files Drop Formbook Infostealer. On July 2, Infoblox observed a malicious email campaign that distributes Formbook malware via weaponized Rich Text Format (RTF) files. Emails in this campaign come from someone who appears to be interested in purchasing goods that the recipient might be selling.","og_url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/","og_site_name":"Infoblox Blog","article_published_time":"2021-07-07T22:23:04+00:00","article_modified_time":"2024-04-26T20:20:34+00:00","og_image":[{"width":612,"height":344,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-35.jpg","type":"image\/jpeg"}],"author":"Infoblox Threat Intel","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Threat Intel","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/"},"author":{"name":"Infoblox Threat Intel","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae"},"headline":"Malspam RTF Files Drop Formbook Infostealer","datePublished":"2021-07-07T22:23:04+00:00","dateModified":"2024-04-26T20:20:34+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/"},"wordCount":228,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-35.jpg","keywords":["formbook","infostealer","Malspam"],"articleSection":["Cyber Campaign Briefs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/","url":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/","name":"Malspam RTF Files Drop Formbook Infostealer","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-35.jpg","datePublished":"2021-07-07T22:23:04+00:00","dateModified":"2024-04-26T20:20:34+00:00","description":"Malspam RTF Files Drop Formbook Infostealer. On July 2, Infoblox observed a malicious email campaign that distributes Formbook malware via weaponized Rich Text Format (RTF) files. Emails in this campaign come from someone who appears to be interested in purchasing goods that the recipient might be selling.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-35.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-35.jpg","width":612,"height":344,"caption":"Malware Detected Warning Screen with abstract binary code 3d digital concept"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/threat-intelligence\/cyber-campaign-briefs\/malspam-rtf-files-drop-formbook-infostealer\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Infoblox Threat Intel","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/"},{"@type":"ListItem","position":3,"name":"Cyber Campaign Briefs","item":"https:\/\/www.infoblox.com\/blog\/category\/threat-intelligence\/cyber-campaign-briefs\/"},{"@type":"ListItem","position":4,"name":"Malspam RTF Files Drop Formbook Infostealer"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b6aed8965e3298a0817c16d32c0a67ae","name":"Infoblox Threat Intel","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_397_1714162589-96x96.png","caption":"Infoblox Threat Intel"},"description":"Infoblox Threat Intel is the leading creator of original DNS threat intelligence, distinguishing itself in a sea of aggregators. What sets us apart? Two things: mad DNS skills and unparalleled visibility. DNS is notoriously tricky to interpret and hunt from, but our deep understanding and unique access to the internet's inner workings allow us to track down threat actors that others can't see. We're proactive, not just defensive, using our insights to disrupt cybercrime where it begins. We also believe in sharing knowledge to support the broader security community by publishing detailed research and releasing indicators on GitHub. In addition, our intel is seamlessly integrated into our Infoblox Protective DNS solutions, so customers automatically get its benefits, along with ridiculously low false positive rates.","url":"https:\/\/www.infoblox.com\/blog\/author\/infoblox-threat-intel\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6475","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/397"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=6475"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6475\/revisions"}],"predecessor-version":[{"id":6476,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6475\/revisions\/6476"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/6702"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=6475"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=6475"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=6475"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}