ThreatFox IOC Database

You are viewing the ThreatFox database entry for domain wrned.com.

Database Entry

Add tag Delete this IOC  Report False Positive Export IOC (JSON)    Export IOC (CSV)
IOC ID:1811024
IOC: wrned.com
IOC Type :domain
Threat Type :botnet_cc
Malware: Unknown malware
Confidence Level : Confidence level is moderate (49%)
Is compromised? : False
ASN:AS13335 CLOUDFLARENET
Country:- US
First seen:2026-05-12 14:52:10 UTC
Last seen:2026-05-11 17:10:16 UTC
UUID:ec2b0db9-4d37-11f1-b930-42010aa4000a
Reporter johannes
Reward 5 credits from ThreatFox
Reference: https://blog.xlab.qianxin.com/mr_rot13-the-elusive-6-year-hacker-group-weaponizing-critical-cpanel-flaws-for-backdoor-deployment_cn/

Avatar
johannes
From the XLab report "秘密活动6年的神秘黑客组织Mr_Rot13正在利用cPanel高危漏洞部署后门木马". See all IOC from that report at https://rosti.dev/reports/aI2wNSCg