Timehop Security Incident, July 4th, 2018
Attack Intelligence
UPDATED ON JULY 11TH, 2018 10:12
(See main post here)
(See technical post here)
The attackers began their attack on December 19, 2017 at 16:54:37 UTC. The information security community may find interesting the data contained in the spreadsheet linked to here that contains 3,683 rows of data showing the Source IP address, the date, and the time of each action currently known by the attackers.
We release this information in the hopes that information security researchers and intelligence analysts may use it to examine the tactics of the attacker, correlate the data with other known attacks or reconnaissance activities, or use it in ways we can not imagine. We do this in the belief that sharing of data, information, and intelligence is often the best way to make us all more secure.
The data looks like this:
| Source IP Address | Event Date | Event Time | 93.190.142.106 | 2017-12-19 | 16:54:37Z |
|---|---|---|
| 93.190.142.106 | 2017-12-19 | 16:54:38Z |
| 93.190.142.106 | 2017-12-19 | 16:54:39Z |
| 93.190.142.106 | 2017-12-19 | 16:54:40Z |
| 93.190.142.106 | 2017-12-19 | 16:56:18Z |
| 93.190.142.106 | 2017-12-19 | 16:56:21Z |
| 93.190.142.106 | 2017-12-19 | 16:56:34Z |
| 93.190.142.106 | 2017-12-19 | 16:56:41Z |
| 93.190.142.106 | 2017-12-19 | 16:56:45Z |
| 93.190.142.106 | 2017-12-19 | 16:56:46Z |
| ... Another 3673 rows | ||