Intel Name: Infrastructure updates for ApateWeb campaign
Date of Scan: November 21, 2024
Impact: Medium
Summary: The ApateWeb campaign has significantly expanded its infrastructure in 2024, with over 2,400 new domains emerging this year alone. This increase, coupled with the discovery of 5 new IP addresses hosting its entry points, signals a growing threat. The campaign continues to register more than 200 domains each month, using random English word combinations with a .com TLD. These updates indicate that the threat actors behind ApateWeb are intensifying their efforts to distribute scareware and potentially unwanted programs (PUPs), making detection and mitigation more challenging.