# Copyright (c) 2014-2021 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: solorigate, sunburst

# Reference: https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
# Reference: https://blog.talosintelligence.com/2020/12/solarwinds-supplychain-coverage.html
# Reference: https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/
# Reference: https://unit42.paloaltonetworks.com/fireeye-solarstorm-sunburst/
# Reference: https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/sunburst-supply-chain-attack-solarwinds
# Reference: https://twitter.com/_CPResearch_/status/1339952318717063168
# Reference: https://otx.alienvault.com/pulse/5fd6df943558e0b56eaf3da8
# Reference: https://otx.alienvault.com/pulse/5fdce61ef056eff2ce0a90de

avsvmcloud.com
databasegalore.com
deftsecurity.com
digitalcollege.org
ervsystem.com
freescanonline.com
globalnetworkissues.com
highdatabase.com
incomeupdate.com
infinitysoftwares.com
kubecloud.com
lcomputers.com
panhardware.com
seobundlekit.com
solartrackingsystem.net
thedoccloud.com
virtualdataserver.com
virtualwebdata.com
webcodez.com
websitetheme.com
zupertech.com
appsync-api.eu-west-1.avsvmcloud.com
appsync-api.us-east-1.avsvmcloud.com
appsync-api.us-east-2.avsvmcloud.com
appsync-api.us-west-2.avsvmcloud.com
6a57jk2ba1d9keg15cbg.appsync-api.eu-west-1.avsvmcloud.com
7sbvaemscs0mc925tb99.appsync-api.us-west-2.avsvmcloud.com
gq1h856599gqh538acqn.appsync-api.us-west-2.avsvmcloud.com
ihvpgv9psvq02ffo77et.appsync-api.us-east-2.avsvmcloud.com
k5kcubuassl3alrf7gm3.appsync-api.eu-west-1.avsvmcloud.com
mhdosoksaccf9sni9icp.appsync-api.eu-west-1.avsvmcloud.com
