Planetary Reef

Description

(PhishLabs) PhishLabs is monitoring a threat actor group that has set up fraudulent hosting companies with leased IP space from a legitimate reseller. They are using this infrastructure for bulletproof hosting services as well as to carry out their own phishing attacks. The group, which is based in Indonesia, has been dubbed Planetary Reef.

Planetary Reef is most notable in how they host phishing sites. While traditional methods of distributing phishing attacks rely on compromised websites or increasingly, free domains, Planetary Reef is leasing their IP space from a large reseller. Using space, the group has created an array of seemingly legitimate hosting companies that they promote through social media.

Names

Name	Name-Giver
Planetary Reef	PhishLabs

Country

Indonesia

Motivation

Financial gain

First Seen

2020

Information

https://info.phishlabs.com/blog/planetary-reef-cybercriminal-hosting-and-phishing-as-a-service-threat-actor

Other Information

Uuid

17bfecf4-f046-4f3b-90c6-045eb4f6a436

Last Card Change

2021-01-05

Threat Intelligence Garden

Explorer

Planetary Reef

Planetary Reef

Description

Names

Country

Motivation

First Seen

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks