From e35280f5a2e2cfa34d4ef1169b622f625ad96ed7 Mon Sep 17 00:00:00 2001
From: Anurag Saini <53658773+anurag-inias@users.noreply.github.com>
Date: Mon, 25 Oct 2021 10:10:55 +0530
Subject: [PATCH] Added crypto domain

This domain appears in an email spam campaign. The email has gibberish subject and title, and seems to propagate when victim opens the attached `xhtml` file. This file has JS code set on execute on page open and redirects user to `btcminings.site`. The actual url is encoded as base64.
---
 crypto.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto.txt b/crypto.txt
index d4a62c4..fc303cb 100644
--- a/crypto.txt
+++ b/crypto.txt
@@ -2357,6 +2357,7 @@
 0.0.0.0 btcg.miningspeed.com
 0.0.0.0 btcguild.com
 0.0.0.0 btchc.pool.mn
+0.0.0.0 btcminings.site
 0.0.0.0 btcnos.com
 0.0.0.0 btcp-api.suprnova.cc
 0.0.0.0 btcp-eu.coinblockers.com
-- 
2.47.2