# Cyclops Blink - Cyber Threat Intelligence These _indicators_ were reported, collected, and generated during the [VulDB CTI analysis](https://vuldb.com/?kb.cti) of the actor known as [Cyclops Blink](https://vuldb.com/?actor.cyclops_blink). The _activity monitoring_ correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique _predictive model_ uses _big data_ to forecast activities and their characteristics. _Live data_ and more _analysis capabilities_ are available at [https://vuldb.com/?actor.cyclops_blink](https://vuldb.com/?actor.cyclops_blink) ## IOC - Indicator of Compromise These _indicators of compromise_ (IOC) indicate associated network resources which are known to be part of research and attack activities of Cyclops Blink. ID | IP address | Hostname | Campaign | Confidence -- | ---------- | -------- | -------- | ---------- 1 | [1.9.85.247](https://vuldb.com/?ip.1.9.85.247) | - | - | High 2 | [1.9.85.248](https://vuldb.com/?ip.1.9.85.248) | - | - | High 3 | [1.9.85.249](https://vuldb.com/?ip.1.9.85.249) | - | - | High 4 | [1.9.85.252](https://vuldb.com/?ip.1.9.85.252) | - | - | High 5 | [1.9.85.253](https://vuldb.com/?ip.1.9.85.253) | - | - | High 6 | [1.9.85.254](https://vuldb.com/?ip.1.9.85.254) | - | - | High 7 | [2.192.0.94](https://vuldb.com/?ip.2.192.0.94) | - | - | High 8 | [2.192.1.120](https://vuldb.com/?ip.2.192.1.120) | - | - | High 9 | [2.192.6.144](https://vuldb.com/?ip.2.192.6.144) | - | - | High 10 | [2.192.7.244](https://vuldb.com/?ip.2.192.7.244) | - | - | High 11 | [2.192.67.0](https://vuldb.com/?ip.2.192.67.0) | - | - | High 12 | [2.192.71.115](https://vuldb.com/?ip.2.192.71.115) | - | - | High 13 | [2.192.74.124](https://vuldb.com/?ip.2.192.74.124) | - | - | High 14 | [2.229.24.16](https://vuldb.com/?ip.2.229.24.16) | 2-229-24-16.ip194.fastwebnet.it | - | High 15 | [2.229.32.106](https://vuldb.com/?ip.2.229.32.106) | 2-229-32-106.ip194.fastwebnet.it | - | High 16 | [2.230.110.137](https://vuldb.com/?ip.2.230.110.137) | - | - | High 17 | [12.34.226.34](https://vuldb.com/?ip.12.34.226.34) | - | - | High 18 | [12.172.90.242](https://vuldb.com/?ip.12.172.90.242) | - | - | High 19 | [12.191.39.162](https://vuldb.com/?ip.12.191.39.162) | - | - | High 20 | [12.191.39.163](https://vuldb.com/?ip.12.191.39.163) | - | - | High 21 | [12.191.39.164](https://vuldb.com/?ip.12.191.39.164) | - | - | High 22 | [12.191.39.165](https://vuldb.com/?ip.12.191.39.165) | - | - | High 23 | [12.191.39.166](https://vuldb.com/?ip.12.191.39.166) | - | - | High 24 | [24.39.220.218](https://vuldb.com/?ip.24.39.220.218) | rrcs-24-39-220-218.nys.biz.rr.com | - | High 25 | [24.96.94.11](https://vuldb.com/?ip.24.96.94.11) | static-24-96-94-11.knology.net | - | High 26 | [24.199.247.222](https://vuldb.com/?ip.24.199.247.222) | webmail.capefearclinic.org | - | High 27 | [24.227.240.210](https://vuldb.com/?ip.24.227.240.210) | rrcs-24-227-240-210.sw.biz.rr.com | - | High 28 | [24.227.240.211](https://vuldb.com/?ip.24.227.240.211) | rrcs-24-227-240-211.sw.biz.rr.com | - | High 29 | [37.26.183.94](https://vuldb.com/?ip.37.26.183.94) | 37.26.183.94.not.updated.openip-cs.net | - | High 30 | [37.71.147.186](https://vuldb.com/?ip.37.71.147.186) | 186.147.71.37.rev.sfr.net | - | High 31 | [37.99.163.162](https://vuldb.com/?ip.37.99.163.162) | 37.99.163-162.static.go.com.sa | - | High 32 | [37.99.163.163](https://vuldb.com/?ip.37.99.163.163) | - | - | High 33 | [37.99.163.164](https://vuldb.com/?ip.37.99.163.164) | mail.ftl.com.sa | - | High 34 | [37.99.163.165](https://vuldb.com/?ip.37.99.163.165) | 37.99.163-165.static.go.com.sa | - | High 35 | [37.99.163.166](https://vuldb.com/?ip.37.99.163.166) | 37.99.163-166.static.go.com.sa | - | High 36 | [41.142.240.197](https://vuldb.com/?ip.41.142.240.197) | - | - | High 37 | [50.192.49.210](https://vuldb.com/?ip.50.192.49.210) | 50-192-49-210-static.hfc.comcastbusiness.net | - | High 38 | ... | ... | ... | ... There are 146 more IOC items available. Please use our online service to access the data. ## References The following list contains _external sources_ which discuss the actor and the associated activities: * https://1275.ru/ioc/45/cyclops-blink-botnet-ioc/ * https://www.ncsc.gov.uk/files/Cyclops-Blink-Malware-Analysis-Report.pdf ## Literature The following _articles_ explain our unique predictive cyber threat intelligence: * [VulDB Cyber Threat Intelligence Documentation](https://vuldb.com/?kb.cti) * [Cyber Threat Intelligence - Early Anticipation of Attacks](https://www.scip.ch/en/?labs.20201022) ## License (c) [1997-2023](https://vuldb.com/?kb.changelog) by [vuldb.com](https://vuldb.com/?kb.about). All data on this page is shared under the license [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). Questions? Check the [FAQ](https://vuldb.com/?kb.faq), read the [documentation](https://vuldb.com/?kb) or [contact us](https://vuldb.com/?contact)!