Red October – Indicators of compromise

“Red October” is a high-level cyber-espionage campaign that has been active for over 5 years and the discovery was announced on January 14, 2013 by Kaspersky Lab.

Below is a list of domains and IPs used in the attack. These lists can help system administrators spot infections on their network. The information is taken from the PDF at


Command and Control domains

Leave a Reply

Your email address will not be published. Required fields are marked *