Threat intelligence API Docs Pricing Solutions Resources Contact us

Threat reports

Read other reports

Hot on the DNS Trail of the 16shop Phishing Kit Operators





16shop has been enabling tons of attacks against the customers of high-profile companies since 2018. The good news is that last month, law enforcers nabbed two of its alleged operators in Indonesia and Japan.1

We couldn’t help but wonder, though, if the arrests mean the end for the phishing kit. To find out, the TIP researchers expanded the list of published indicators of compromise (IoCs)2 to identify other web properties that could put users at risk. Our DNS deep dive led to the discovery of:

  • Five unreported IP addresses to which four of the domains identified as IoCs resolved, two of which are currently detected by various engines as malware hosts
  • 30 domains hosted on connected IP addresses, one of which is classified as malicious based on a bulk malware check
  • 18,688 domains containing the brand names being abused in the campaigns Trend Micro analyzed, 337 of which are already considered malicious based on a bulk malware check

Download a sample of the threat research materials now or contact us to access the complete set of research materials.

  • [1] https://www.trendmicro.com/en_us/research/23/i/revisiting-16shop-phishing-kit-trend-interpol-partnership.html
  • [2] https://otx.alienvault.com/pulse/64f6d5bc3226451dfc4ea8eb
Read other reports
To download the full report in PDF, please fill in the form.
I have read and agree to the Terms of Service and Privacy Policy
Please keep me updated on news, events, and offers.

Try our Threat Intelligence API for free

Get FREE trial
Have questions?

We work hard to improve our services for you. As part of that, we welcome your feedback, questions and suggestions. Please let us know your thoughts and feelings, and any way in which you think we can improve our product.

For a quick response, please select the request type that best suits your needs.

Or shoot us an email to

Threat Intelligence Platform uses cookies to provide you with the best user experience on our website. They also help us understand how our site is being used. Find out more here. By continuing to use our site you consent to the use of cookies.