ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain pack.nppacks.com.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1805303
IOC: pack.nppacks.com
IOC Type :domain
Threat Type :botnet_cc
Malware: Unknown malware
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS14618 AMAZON-AES
Country:- US
First seen:2026-05-03 15:39:43 UTC
Last seen:2026-05-03 13:59:15 UTC
UUID:43afc611-46f8-11f1-8759-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Tags:Broomstick payload PhantomRaven
Reference: https://securityboulevard.com/2026/05/phantomraven-wave-5-new-undocumented-npm-supply-chain-campaign-targets-defi-cloud-and-ai-developers/

Avatar
johannes
Primary domain, from the Security Boulevard report "PhantomRaven Wave 5: New Undocumented NPM Supply Chain Campaign Targets DeFi, Cloud, and AI Developers". See all IOC from that report at https://rosti.dev/reports/6SFmoQ8F