# Copyright (c) 2014-2020 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: dmsspy, lightspy

# Reference: https://documents.trendmicro.com/assets/Tech-Brief-Operation-Poisoned-News-Hong-Kong-Users-Targeted-with-Mobile-Malware-via-Local-News-Links.pdf
# Reference: https://otx.alienvault.com/pulse/5e7a2cf3969629482c97c6b5

facebooktoday.cc
googlephoto.vip
hkrevolt.com
hkrevolution.club
messager.cloud
poorgoddaay.com

# Reference: https://securelist.com/ios-exploit-chain-deploys-lightspy-malware/96407/

103.19.9.185:80
103.19.9.185:3389
45.134.0.123:8002
45.134.1.180:50001
45.83.237.13:8088
/963852poi/login
/963852oiu/login
xxinc-media.oss-cn-shenshen.aliyuncs.com
