notracking/hosts-blocklists

gluvoob.com - suggestion to be added to blacklist

lucamosca1 opened this issue · 2 comments

Hi there! Today we've been warned by AWS GuardDuty that one of our internal DNS tried to resolve this harmful domain.

What specifically is malicious about this domain?

GuardDuty details say: EC2 instance i-XXX is querying a domain name associated with a known Command & Control server.

Evidence: Threat intelligence details
Threat IP list: CrowdStrike
Threat names: PdfCaptchaLure21