ThreatFox IOC Database

You are viewing the ThreatFox database entry for url https://spikeliftall.com/live/.

Database Entry

This IOC expired

This IOC is an old IOC and hence has expired on 2026-06-15 01:15:01 UTC. We therefore refrain from exporting it into our datasets. As a result, this database entry is purely informational and has no impact.

IOC ID:	1307881
IOC:	https://spikeliftall.com/live/
IOC Type :	url
Threat Type :	botnet_cc
Malware:	Latrodectus
Malware alias:	BLACKWIDOW, IceNova, Latrodectus, Lotus
Confidence Level :	Confidence level is moderate (49%)
Is compromised? :	False
ASN:	AS63949 AKAMAI-LINODE-AP
Country:	US
First seen:	2024-08-09 06:41:30 UTC
Last seen:	2024-11-29 19:21:46 UTC
UUID:	2718402e-558e-11ef-bfcd-42010aa4000a
Reporter	johannes
Reward	5 credits from ThreatFox
Reference:	https://cyble.com/blog/double-trouble-latrodectus-and-acr-stealer-observed-spreading-via-google-authenticator-phishing-site/

johannes

C&C of Latrodectus, from the Cyble report "Double Trouble: Latrodectus and ACR Stealer observed spreading via Google Authenticator Phishing Site". See all IOC from that report at https://rosti.bin.re/reports/MjcurAyO