Intel Name: Cybersquatting of domains using new tlds .diy and .food
Date of Scan: October 18, 2024
Impact: Medium
Summary: The cyber campaign has expanded to include new TLDs, specifically .diy and .food. Initially, threat actors utilized the domain choto[.]xyz as a traffic redirection service through April 2024 but have since switched to choto[.]click while maintaining the same URL paths. Ongoing monitoring of newly registered domains is planned to identify and track emerging trends and attack campaigns.