IOC Radar
Domain · High · Verified · Signal 45/100

certificadosuporte.com.br

Location
United States
First Seen
Apr 15, 2026
Last Seen
Apr 16, 2026
Reports
6 source reports
Confidence
45% (high)
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
45%
Signal Score
45 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

20 techniques

Feed Intelligence Summary

6 source reports · 45% confidence score
Category tags
abuse, alienvault_ransomware, bad reputation, banking-stealer, brazil, brute force, credential stuffing, credential-theft, education, finance and insurance, identity & access exploitation, indicator, network, north america, ransomware, researched, session-hijacking, south america, t1005, t1027, t1041, t1056, t1056.001, t1059.001, t1071.001, t1090, t1113, t1114, t1176, t1185, t1204.001, t1491.001, t1539, t1550.004, t1552.001, t1573, t1583.001, t1583.003, threat actor, tor node, united states

Activity Timeline

1 total obs · Apr 16

Threat Activity Heatmap

Peak: 2026-04-16
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), the domain `certificadosuporte.com.br`, represents a critical threat associated with a sophisticated banking stealer campaign. Its significance stems from its direct involvement in the "ClickFix Campaign," a noted operation that has been observed force-installing malicious Chrome extensions. Such an attack vector poses an extreme risk of financial fraud, credential theft, and unauthorized access to sensitive user data. If left unaddressed, this threat could le…

Threat Score: Medium Risk
Signal Score: 45
Confidence: 45%
Reports: 6
First seen: Apr 15, 2026
Last seen: Apr 16, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

domain rank
-1
raw
Create date: 2026-01-26 00:00:00
Domain name: certificadosuporte.com.br
Expiry date: 2027-01-26 00:00:00
Name server 1: jake.ns.cloudflare.com
Name server 2: chan.ns.cloudflare.com
Query time: 2026-01-28 14:46:22
Registrant country: Brazil
Registrant email: [email protected]
Registrant name: ba8bb349fa78b948
Technical country: Brazil
Technical email: [email protected]
Update date: 2026-01-26 00:00:00
references
https://intel.breakglass.tech/post/clickfix-chrome-extension-banking-stealer-59-victims-unauthenticated-c2, IOCs.April.pdf
subdomains count
0

IOC Journey

high
First detected 1 month ago · Last seen 1 month ago
Appeared in 6 threat reports