Our threat intelligence platform – SDINET, ingests DNS data from various sources. Our security researchers have detected a phishing campaign wherein the adversaries have registered domain names impersonating brands such as Adidas and Nike.
Adidas AG is a German multinational corporation, founded and headquartered in Herzogenaurach, Bavaria, that designs and manufactures shoes, clothing and accessories. It is the largest sportswear manufacturer in Europe, and the second largest in the world, after Nike.[5][6] It is the holding company for the Adidas Group, which consists 8.33% stake of the football club Bayern München,[7] and Runtastic, an Austrian fitness technology company. Adidas’s revenue for 2018 was listed at €21.915 billion.1
1. Phishing domain name – adidass.us.com
Threat Indicators Summary
1. adidass.us.com is a domain name impersonating adidas.com and was registered on 2021-06-14
2. Domain registrar – Namecheap, Inc
2. adidass.us.com resolves to 167.160.29.189
3. 167.160.29.189 is an IP address under AS59447 ( Istanbuldc Veri Merkezi Ltd Sti, TR)
4. AS59447 ( Istanbuldc Veri Merkezi Ltd Sti) is based in Turkey
5. Passive DNS analysis of 167.160.29.189 produces similar typo squatting domains impersonating other brands such as Nike
2. Phishing domain name – nikesoutletfactory.us.com
Threat Indicators Summary
1. nikesoutletfactory.us.com is a domain name impersonating adidas.com and was registered on 2021-03-24
2. Domain registrar – Namecheap, Inc
2. adidass.us.com resolves to 167.160.29.189
3. 167.160.29.189 is an IP address under AS59447 ( Istanbuldc Veri Merkezi Ltd Sti, TR)
4. AS59447 ( Istanbuldc Veri Merkezi Ltd Sti) is based in Turkey
5. Passive DNS analysis of 167.160.29.189 produces similar typo squatting domains impersonating other brands such as Nike
The visual indicators among the domain names adidass.us.com and nikesoutletfactory.us.com is the usage of the same phishing kit.
Passive DNS Analysis report
nikeshoess.ca.
img.nikeshoess.ca.
monclerjacket.com.co.
trainersshop.org.uk.
jordan1high.us.
golden-gooses.us.
jordansretro3.us.
lebron16shoes.us.
goldengoosecom.us.
jordan11sshoes.us.
pandoracharmscom.us.
air-jordansneakers.us.
wholesaleshoescheap.us.
wholesaleshoesclothing.us.
wholesaleairjordanscheap.us.
jordan4s.uk.com.
img.jordan4s.uk.com.
www.jordan4s.uk.com.
trainerssale.uk.com.
img.trainerssale.uk.com.
www.trainerssale.uk.com.
nikestrainers.uk.com.
img.nikestrainers.uk.com.
www.nikestrainers.uk.com.
charmsbracelet.uk.com.
www.charmsbracelet.uk.com.
trainersforsale.uk.com.
jewelrynecklacerings.uk.com.
nmd.us.com.
www.nmd.us.com.
adidass.us.com.
pandoras.us.com.
air-max90.us.com.
nikesbdunk.us.com.
nmdsadidas.us.com.
jordan11low.us.com.
nike–shoes.us.com.
airjordan11s.us.com.
goldensgoose.us.com.
jordanretros.us.com.
air-jordans11.us.com.
nikeairforces.us.com.
nikehuaraches.us.com.
nikeairjordan1.us.com.
asicsgel-kayano.us.com.
cheapnikesshoes.us.com.
monclerjacketss.us.com.
newjordansshoes.us.com.
outletnikestore.us.com.
yeezyboost350v2.us.com.
adidasshoeswomen.us.com.
img.adidasshoeswomen.us.com.
www.adidasshoeswomen.us.com.
nikeoutletstores.us.com.
nikeshoesonlines.us.com.
nikesoutletstore.us.com.
nikestorefactory.us.com.
airjordansneakers.us.com.
nikestoresfactory.us.com.
jordan-shoesformen.us.com.
www.jordan-shoesformen.us.com.
monclercoatfactory.us.com.
monclerstoreoutlet.us.com.
nikeoutlet-factory.us.com.
nikesoutletfactory.us.com.
goldengoosesneakerss.us.com.
nikesneakersforwomen.us.com.
monclersjacketsoutlet.us.com.
nikewholesalesuppliers.us.com.
pandorajewelry-outlets.us.com.
www.pandorajewelry-outlets.us.com.
nikeslidessandalsslipers.us.com.
wholesalenikeshoesonline.us.com.
christianlouboutinshoesinc.us.com.
pandorabracelets-clearance.us.com.
nikeoutletstore-onlineshopping.us.com.
underfeathering.backmoreover.com.
awol189.bookcorneronline.com.
peddler189.bookcorneronline.com.
jordanretroshoes.us.org.
jordanswholesale.us.org.
Blocking such threats real-time is vital. If you are interested to evaluate our threat intelligence or block threats real-time using Protective DNS, please reach out to us at sdinet@shreshtait.com
