{ "type": "bundle", "id": "bundle--57a6cb33-e3d9-4964-9ce7-a3a593450b79", "objects": [ { "type": "identity", "spec_version": "2.1", "id": "identity--c7e51838-39bb-4a48-83bd-ce30af0c9402", "created": "2024-03-05T10:56:29.07593Z", "modified": "2024-10-29T23:27:51.306863Z", "name": "Hunt.io", "identity_class": "organization" }, { "type": "file", "spec_version": "2.1", "id": "file--5ec73d9d-5cd3-4761-b234-c7145519b51d", "hashes": { "SHA-1": "d8591a62916984952383b789e8ab2697f4642c63" } }, { "type": "file", "spec_version": "2.1", "id": "file--e9faed28-e993-4d34-a194-61621b57721a", "hashes": { "SHA-1": "57cb8dca59c6fd0aab69c052c93fcece4fc3d0ff" } }, { "type": "url", "spec_version": "2.1", "id": "url--f7d7c791-e6fe-44f3-9cbf-77b1f975ac72", "value": "http://stuff.gduser.eu/gmail/gduser.eu/index.php?/bad-page" }, { "type": "url", "spec_version": "2.1", "id": "url--8e442ece-4dc4-4125-b894-aff4783308f7", "value": "https://binace.homes/middle/attach/PhishingURL" }, { "type": "url", "spec_version": "2.1", "id": "url--5dd18342-8def-4a30-ad02-189a6c445c9a", "value": "http://stuff.ilk.gduser.eu/bad-page" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--324ba01b-5520-41a4-b432-7a60357d3f97", "value": "stuff.ilk.gduser.eu" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--d158d58f-21fc-4583-b442-c6e96f96e433", "value": "stuff.gduser.eu" }, { "type": "domain-name", "spec_version": "2.1", "id": "domain-name--8ee68eb7-553a-4770-9a36-480be3801463", "value": "binace.homes" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--c9084a63-b876-4cb8-874c-a70da7519564", "value": "123.76.96.130" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--aec0ae16-6cfa-4779-bb4c-eed9f4bdf120", "value": "45.195.69.28" }, { "type": "ipv4-addr", "spec_version": "2.1", "id": "ipv4-addr--e0e44b19-293a-47a3-9662-ae151f099883", "value": "27.255.75.158" }, { "type": "threat-actor", "spec_version": "2.1", "id": "threat-actor--3cad7692-b5b4-565b-88b1-63998b3f44a1", "created": "2026-06-24T19:51:55.653165Z", "modified": "2026-06-24T19:51:55.653165Z", "name": "Kimsuky" }, { "type": "report", "spec_version": "2.1", "id": "report--61a4b2eb-28f9-4e4a-a07b-fbd038d7da35", "created_by_ref": "identity--c7e51838-39bb-4a48-83bd-ce30af0c9402", "created": "2026-06-24T19:51:55.655951Z", "modified": "2026-06-24T19:51:55.655951Z", "name": "Open Directory Exposes Phishing Campaign Targeting Google & Naver Credentials", "published": "2024-03-05T00:00:00Z", "object_refs": [ "identity--c7e51838-39bb-4a48-83bd-ce30af0c9402", "file--5ec73d9d-5cd3-4761-b234-c7145519b51d", "file--e9faed28-e993-4d34-a194-61621b57721a", "url--f7d7c791-e6fe-44f3-9cbf-77b1f975ac72", "url--8e442ece-4dc4-4125-b894-aff4783308f7", "url--5dd18342-8def-4a30-ad02-189a6c445c9a", "domain-name--324ba01b-5520-41a4-b432-7a60357d3f97", "domain-name--d158d58f-21fc-4583-b442-c6e96f96e433", "domain-name--8ee68eb7-553a-4770-9a36-480be3801463", "ipv4-addr--c9084a63-b876-4cb8-874c-a70da7519564", "ipv4-addr--aec0ae16-6cfa-4779-bb4c-eed9f4bdf120", "ipv4-addr--e0e44b19-293a-47a3-9662-ae151f099883", "threat-actor--3cad7692-b5b4-565b-88b1-63998b3f44a1" ], "external_references": [ { "source_name": "source", "url": "https://hunt.io/blog/open-directory-exposes-phishing-campaign-targeting-google-and-naver-credentials" } ] } ] }