EvilTokens

Reports
5
First seen
Mar 23
Last seen
Jun 22
Motivation
financial, Financial fraud, credential theft, wire

Targeting

Sectors
other ×2technology ×1

Top ATT&CK techniques

T1566 Phishing ×5T1110 Brute Force ×3T1078 Valid Accounts ×2T1621 Multi-Factor Authentication Interception ×2T1528 Steal Application Access Token ×2T1021.001 Remote Services: Remote Desktop Protocol ×2T1598.004 Phishing for Information: Spearphishing Attachment ×1T1190 Exploit Public-Facing Application ×1T1598 Phishing for Information ×1T1005 Data from Local System ×1T1583 Acquire Infrastructure ×1T1583.006 Acquire Infrastructure: Web Services ×1

Indicators

ip_v4 ×18domain ×15ip_v6 ×1

Indicator values are available on Pro and via the API.

Recent reports

This page shows data on a 7-day delay. Free accounts get the full delayed feed; real-time reports, indicators, and the API start at $29/mo.