DNS Security & Threat Intelligence Blog | Shreshta

SBI Crypto Investment Campaign

Shreshta Threat Research — Tue, 30 Sep 2025 11:51:11 +0000

Shreshta Threat Research has uncovered a SBI crypto investment campaign targeting cryptocurrency users across Japan, Vietnam, South Korea, China, Thailand, and the United Kingdom. Executive Summary SBI Investment Co., Ltd is the core company in the SBI Group’s Investment Business. It is one of the leading venture capital firm in Japan. Initial domain level indicators […]

The post SBI Crypto Investment Campaign appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Crypto & Investment scams exploiting the Tesla brand

Shreshta Threat Research — Tue, 27 May 2025 09:58:27 +0000

Shreshta Threat Research has detected crypto & investment scams exploiting the Tesla brand. Executive Summary In recent months, there has been a significant surge in crypto and investment scams exploiting the Tesla brand, particularly targeting cryptocurrency enthusiasts and investors. Scammers are capitalizing on Tesla’s global reputation, its high media visibility, and CEO Elon Musk’s vocal […]

The post Crypto & Investment scams exploiting the Tesla brand appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Digital Arrest Scam – How scammers use fake documents & exploit legal fears

Shreshta Threat Research — Tue, 15 Oct 2024 08:09:36 +0000

One of the latest cyber crime campaigns doing the rounds in India is the Digital Arrest Scam. The scammers use fake arrest warrant documents and threats to intimidate people into revealing personal information or paying money. The objective of the scammer is to scare and instill fear in the mind of the victim and act […]

The post Digital Arrest Scam – How scammers use fake documents & exploit legal fears appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Zerodha users targeted with a pig-butchering scam

Vivek Halappanavar and Swapneel Patnekar — Wed, 11 Sep 2024 08:04:56 +0000

Threat researchers at Shreshta have uncovered a pig-butchering scam targeting Zerodha users. The phishing websites are impersonating Zerodha, a reputed stockbroking and financial services company, duping investors into investing in fake crypto and investment schemes. What is a pig-butchering scam? A pig butchering scam, a.k.a. “Sha Zhu Pan” or Shazhupan, (Chinese: 杀猪盘), translated as Killing […]

The post Zerodha users targeted with a pig-butchering scam appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Whois API free

Swapneel Patnekar — Mon, 26 Aug 2024 17:15:48 +0000

Are you looking for a reliable, easy-to-use, and free Whois API? Our new Whois API service offers fast, accurate domain information data, making it an ideal solution for security researchers, SOC analysts etc The Whois API provides the creation date and registrar name. The API requires no registration or token generation. The above request, returns […]

The post Whois API free appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Community Services

Vivek Halappanavar — Tue, 06 Aug 2024 09:30:00 +0000

This page lists the community services we offer, including our CheckOpenResolver, ShadowFinder, Newly registered domain name feeds and Whois API etc Checkopenresolver This service allows Internet users to verify if their router, firewall, or CPE (Customer Premises Equipment) device functions as an open resolver. An open resolver can be exploited in DNS amplification attacks, posing […]

The post Community Services appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

APAC DNS Forum

Vivek Halappanavar — Sat, 03 Aug 2024 07:25:01 +0000

Our CEO Swapneel Patnekar recently delivered a presentation titled “Who is living off your domain name?” at the ICANN APAC DNS Forum 2024. About APAC DNS Forum The Asia Pacific Domain Name System Forum is a meaningful platform for the regional DNS community to network, exchange ideas, and explore collaboration opportunities in relation to the […]

The post APAC DNS Forum appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

ShadowFindr – Uncover domain shadowing attacks

Swapneel Patnekar — Wed, 13 Mar 2024 16:07:29 +0000

At the DNS Community Day organized by DNS-OARC at the APRICOT 2024/APNIC 57 conference, we released ShadowFindr, a web tool to detect potential domain shadowing attacks. Who is living off your domain name? ShadowFindr is a web tool built for domain name registrants that helps identify potential domain shadowing attacks. We have written about domain […]

The post ShadowFindr – Uncover domain shadowing attacks appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

DNS-OARC DNS Community Day

Vivek Halappanavar — Tue, 12 Mar 2024 15:35:22 +0000

The DNS-OARC folks organized a DNS Community Day at the APRICOT 2024/APNIC 57 conference on 26th February 2024. About DNS-OARC The DNS Operations, Analysis, and Research Center (DNS-OARC) brings together key operators, implementors, and researchers on a trusted platform so they can coordinate responses to attacks and other concerns, share information and learn together. The […]

The post DNS-OARC DNS Community Day appeared first on DNS Security & Threat Intelligence Blog | Shreshta.

Domain shadowing

Swapneel Patnekar — Sat, 24 Feb 2024 13:15:06 +0000

Domain shadowing is a technique listed by MITRE ATT&CK as T1584.001 sub-technique of T1584 This technique is not to be confused with subdomain hijacking What is a domain shadowing attack? Threat actors gain control of the DNS control panel of legitimate domain names by brute force and stealthily insert subdomains pointing to the attackers’ network […]

The post Domain shadowing appeared first on DNS Security & Threat Intelligence Blog | Shreshta.