2022-02-25 16:50:23 +00:00
# Cyclops Blink - Cyber Threat Intelligence
These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Cyclops Blink](https://vuldb.com/?actor.cyclops_blink). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics.
_Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.cyclops_blink](https://vuldb.com/?actor.cyclops_blink)
## IOC - Indicator of Compromise
These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Cyclops Blink.
There are 146 more IOC items available. Please use our online service to access the data.
## References
The following list contains _external sources_ which discuss the actor and the associated activities:
* https://1275.ru/ioc/45/cyclops-blink-botnet-ioc/
* https://www.ncsc.gov.uk/files/Cyclops-Blink-Malware-Analysis-Report.pdf
## Literature
The following _articles_ explain our unique predictive cyber threat intelligence:
* [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti)
* [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022)
## License
(c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!