HIGHLY_SUSPICIOUS (1) campaign cataloged at 2024-11-26(2).

1. Packages that are likely malicious, but due to the obfuscation level, lack of time or clear indicators it's hard to say what exactly they do; the highest risk of false positives.
2. This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.

2024-11-taoreg

Suspicious package offering registration in the bittensor blockchain network. The code is obfuscated, the website newly registered and still empty. Code looks like doing what it's supposed to by calling some IPs. It may be a legit, but just starting service, or something malicious.

Abuse categories

crypto-related

Campaign uses crypto-related.

obfuscation

Campaign uses obfuscation.

IoCs & related URLs

URLs with payloads, characteristic domains, C&C IPs, repositories with malicious code, etc.

• taoreg.com

• 64.247.206.58

• 83.143.115.105

Packages in the campaign

campaign:2024-11-taoreg

• taoreg