Now using .live TLD's

#Tycoon2FA #Phishing 🐟48 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/u1hfmu4s Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

#Tycoon2FA #Phishing 🐟79 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/NWxMrYuj Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

#Tycoon2FA #Phishing 🐟10 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/0ScewEqu Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

Awesome blog post Silent Push!! silentpush.com/blog/countload…

#Tycoon2FA #Phishing - Using new TLD ([.]co[.]za) - New Anti-Bot System (never saw something like that) CC: Fox_threatintel NDA0E blinkz kddx00 Raghav Rastogi DaveTheResearcher Who said what? Dee Mikhail Kasimov ge0lev Simplicio Sam L. JAMESWT_MHT DonPasci

#Tycoon2FA #Phishing 🐟78 Domains related to Tycoon2FA Phishing with Low Hits on vt: pastebin.com/2ud7YYea Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

#Tycoon2FA #Phishing 🐟To Many Domains Founded, Bot doesn't know the number Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

#Tycoon2FA #Phishing One more TLD: - .ru.com (If you know more TLD's that are not listed in the github, please DM me) CC: Fox_threatintel NDA0E blinkz kddx00 Raghav Rastogi DaveTheResearcher Who said what? Dee Mikhail Kasimov ge0lev Simplicio Sam L. JAMESWT_MHT DonPasci

#Tycoon2FA #Phishing 🐟 558 New Domains Full List: github.com/NoMorePhish/Ty… Tool used: Validin CC: WatchingRac Who said what? Mikhail Kasimov

#Phishing Almost 10k #Tycoon2fa Domains CC: Fox_threatintel NDA0E blinkz kddx00 Raghav Rastogi DaveTheResearcher Who said what? Dee Mikhail Kasimov ge0lev Simplicio Sam L. JAMESWT_MHT DonPasci

#Tycoon2FA #Phishing 🐟 127 New Domains pastebin.com/4GVsdHjs Full List: github.com/NoMorePhish/Ty… Tool used: Censys CC: WatchingRac Who said what? Mikhail Kasimov

Mapping Lumma's infrastructure 🧵 Key pivots: ℹ️Cert fingerprints connecting distribution → C2 ℹ️ASN clustering (Aeza, Routerhosting, Proton66) ℹ️Domain patterns (.qpon, .top, .xyz, .ru) 👉 intelinsights.substack.com/p/mapping-late…

All the domains are now submitted to Spamhaus CC: Fox_threatintel NDA0E blinkz kddx00 Raghav Rastogi DaveTheResearcher Who said what? Dee Mikhail Kasimov ge0lev Simplicio Sam L. JAMESWT_MHT DonPasci

#Tycoon2FA #Phishing 🐟 225 New Domains pastebin.com/jLXyHrzB Full List: github.com/NoMorePhish/Ty… Uploaded to: Spamhaus Tool used: Censys CC: WatchingRac Who said what? Mikhail Kasimov

#Tycoon2FA - Anti-bot system got a few new features - New TLD's being used: .email (Nullwhire thanks for the info!!) CC: Fox_threatintel NDA0E blinkz kddx00 Raghav Rastogi DaveTheResearcher Who said what? Dee Mikhail Kasimov ge0lev Simplicio Sam L. JAMESWT_MHT DonPasci

#Tycoon2FA #Phishing 🚨Almost 10K🚨 github.com/NoMorePhish/Ty…

#Tycoon2FA #Phishing 🐟 Lost the count of New Domains Full List: github.com/NoMorePhish/Ty… Tool used: Censys CC: WatchingRac Who said what? Mikhail Kasimov