Finding SUNBURST victims and targets by using passive DNS, OSINT

Decrypting SUNBURST domains

Passive DNS and the post-December noise

A small portion of passive DNS data on avsmcloud[.]com

The SUNBURST Puzzles

Example of tweaking for GUID ‘5EC540468DC722FF’
Overview of data in the sheet mentioned above.

“the full extent of this breach will most likely never be communicated to the public, and instead will be restricted to trusted parts of the intelligence community.”
