Large scale phishing campaign quickly utilises Legacy Authentication before Microsoft disables it

Malicious IPV6 address

2a00:1838:2a:1505:c267:afff:fe70:f4de

Server used to submit username/password to

burilink[.]xyz

Server used to submit username/password to

zahedlink[.]xyz

Server used to submit username/password to

zipardlink[.]xyz

Domain

auth-login-0t1nnwrd3znvr4g598gygyey1em0jzsm782d38867qx.website.yandexcloud[.]net

Domain

auth-login-1shun1uph7exdiqi5jxipzfloj2dv0m0cel5aq03mmhqn.website.yandexcloud[.]net

Domain

auth-login-3ll3ktz0dc6pgqpiknz9wil9bhfc2b07yj7aju5ag7shi.website.yandexcloud[.]net

Domain

auth-login-79o87gxwbej5pu1m8lg6hf8jeuednx9jcl4nr4aufqujh.website.yandexcloud[.]net

Domain

auth-login-9egij6e1ojge075onlcdm01hhxpy72d589w1afdwyb789.website.yandexcloud[.]net

Domain

auth-login-dixd8l4w4umrzadx5ruhx8tgix0gml37lmtpxub09gbo7.website.yandexcloud[.]net

Domain

auth-login-g0897rtqd540nsmvlptoayrywzc2j4kn1iusbi7z.website.yandexcloud[.]net

Domain

auth-login-hczd80h2ld3lkdndf6619l0rny21oqr6m6unt8scpiv5y.website.yandexcloud[.]net

Domain

auth-login-htwwqb1zukg6gxqyyp88gq1lavdc8mno1zptenc7u8qz3.website.yandexcloud[.]net

Domain

auth-login-krml5bdji2f5gicz5rfgmetpasz492uwblasi2npcjk5r.website.yandexcloud[.]net

Domain

auth-login-q5v7bitmwxbzj3yjcgi2v1gvsakvuqrvvjjlvr798czzc.website.yandexcloud[.]net

Domain

auth-login-ty7cde5sdla6or6gj5w2mrmnr4073ff2zodtgyr1h1qum.website.yandexcloud[.]net

Domain

auth-login-v2iajd89d9deam6jm3n3ukdtyas3yp9hr6jyphmv.website.yandexcloud[.]net

Domain

auth-login-v2iajd89d9deamk5m3n3ukdjdas3yp9hr6jyphmv.website.yandexcloud[.]net

Domain

auth-login-v2og2iajd89d9deam6jm3n3ukdtyas3yp9hr6jyphmv.website.yandexcloud[.]net

Domain

auth-sign-01hj4s1r0qa4joet2ubr560nhq292n5yynhqdvfq1w158.website.yandexcloud[.]net

Domain

auth-sign-0qiv8a03gxwftx8d4944i0basoj0kan1c46n0yaqwctcp.website.yandexcloud[.]net

Domain

auth-sign-5zk6sgqoxz32dfsig8a3n5azcg7g7tyjsnewv2dv.website.yandexcloud[.]net

Domain

auth-sign-aiqoo4z1qacqodq3vv1t79dr9pasn795yzep6k2dk5kke.website.yandexcloud[.]net

Domain

auth-sign-bnwd5mcjpbaidqjz52ufim5xzcgxl0bzbgyy4dfrfewoc.website.yandexcloud[.]net

Domain

auth-sign-byhf38ambxxqi89rz20slcjbrti87fbu0fj6ijvlty845.website.yandexcloud[.]net

Domain

auth-sign-juc3c3kip0zmejagsh6ty5nwgjdi8ilucmqx76s1.website.yandexcloud[.]net

Domain

auth-sign-k23ey2nb5fdcoqf9stj1o0de2lqb38rl0iwpg52adgkrq.website.yandexcloud[.]net

Domain

auth-sign-k53hu5h42kmsj6zvavy1cnkcve2b5972erulwx04s76b1.website.yandexcloud[.]net

Domain

auth-sign-mfxx6syxr6p1zvdrmdl87zhfsmb0unhn67oxcw385eei3.website.yandexcloud[.]net

Domain

auth-sign-mvj2xf5bruvnthpdzkf9le1e9uri9fv325zzrkupn7i6n.website.yandexcloud[.]net

Domain

auth-sign-o77rhuayltoa32ou295ngkvnv3etchmvahhl3d89m3cwp.website.yandexcloud[.]net

Domain

auth-sign-pjrnbyecabna1wqfbquzudje2e39y1l443dz3d22.website.yandexcloud[.]net

Domain

auth-sign-plflhaz1dnprntnpb4p9wnnpmwm1spvoywjv8bjetmrph.website.yandexcloud[.]net

Domain

auth-sign-tyepcsrej0jpqofdhcszj11c5nh2knb2xn4krme61luss.website.yandexcloud[.]net

Domain

auth-sign-w2shd0wwd6k9h1bnrc7wgytvbvkmbtcolbymul8ezw3uu.website.yandexcloud[.]net

Domain

auth-sign-w2wuol7vxn2yr9v99ch6v8wzbsd3yp9hr6jyphmv.website.yandexcloud[.]net

Domain

auth-sign-xn9do3v4g4724mzbkesgvg0lw6gtlckd2luw7uhx.website.yandexcloud[.]net

Domain

login-38t888ibaqec9fogtpunr8gv8vrfhy8ovpzhbbjv.website.yandexcloud[.]net

Domain

login-7ux5lxpq4otbe2lhsg54tqqjfo2yzguplail7jyl.website.yandexcloud[.]net

Domain

login-auth5ecyg0xizndz4cdguk827pmadx3n255qmf051ful1ayzc.website.yandexcloud[.]net

Domain

login-auth612hqd6myquoejl190tna3vn3zshgueqe7wzqyjgk7dk8.website.yandexcloud[.]net

Domain

login-auth86ku4h0cizaixm9mwyy6m0b4xz5rq1salcny0i49s0i01.website.yandexcloud[.]net

Domain

login-authcp7f33tlno0jd95rh0l1bgd8ynkia413fflkes3gkap2o.website.yandexcloud[.]net

Domain

login-authkpvcoyl5wm0q7dx2ab9fz4qp6gj7d0ajp0ia5hxh.website.yandexcloud[.]net

Domain

login-authn30h959ip91mh3udrkx0qkl95faaabrh7v6s329lp2wf1.website.yandexcloud[.]net

Domain

login-autht4xo79pv6z4x612xh3h9s24y1yet1twebuw4xwtehixdi.website.yandexcloud[.]net

Domain

login-authy7tpd6mea4cjfq2zq4q11svmq3m6wkllbwzdvmo4tai.website.yandexcloud[.]net

Domain

login-authyz7npkufuztg6ar76u5lakos61vy60pcy2pnttjy76l3e.website.yandexcloud[.]net

Domain

login-authztdbz93edcg7teqtrmvx2gw9eu1klbadvm7uiryo.website.yandexcloud[.]net

Domain

login-b8sx7fjkw2sby32it82zuj6d6tjz0bepshxo2c6e2ohl6.website.yandexcloud[.]net

Domain

login-be4o83hc9vxvaslsvdxyuw02sp30tud4zkrlqhtlrx64n.website.yandexcloud[.]net

Domain

login-dnxy22v94mfvcrckhygbt1j0xjhvm1xmcei0adsaw0d67.website.yandexcloud[.]net

Domain

login-fdh24x798s98vwo0msnkqvm6kbag41ztjd15gb6n.website.yandexcloud[.]net

Domain

login-o7ibhb1ia4rjxg4idm0od4mhcqmjgn5e40p9870j.website.yandexcloud[.]net

Domain

login-pydv8xuzahh8rvog07lu0ztjwdg2vlz03eqg7fydmh5pn.website.yandexcloud[.]net

Domain

login-q4e1too8kcdnvk46i7mp0kx3dgdwcsrvd0bocpzd.website.yandexcloud[.]net

Domain

login-tv6j39ruh5q97xo1f3u3ul67jln1yxuk5ruxnxn5njuxz.website.yandexcloud[.]net

Domain

login-u4vbxnfnqpfwav2l9t01osrwp3oslph42xvlcr721rk.website.yandexcloud[.]net

Domain

login-xn7jzi6jyw9eeo8yho1f6x1k9c689qzzdjcfwiocyghy9.website.yandexcloud[.]net

Domain

login-zghivnbzn00fnpg5wo7oyutjtspl857snonwo843.website.yandexcloud[.]net

Domain

login-authn30h959ip91mh3udrkx0qkl95faaabrh7v6s329lp2wf1.website.yandexcloud[.]net

Domain

sigin-2rfd55xyy31lhixsbnvxo79pr538pzmxyoh4imo2txm4x2bsi8.website.yandexcloud[.]net

Domain

sign-1uwcwngkv6addzgek46wx7attvjaromcpeeuhynjt6gne.website.yandexcloud[.]net

Domain

sign-3r8nfpjkpggpkvtqt4sv5pbc4esmb0uk0r87hnjmgzpxw.website.yandexcloud[.]net

Domain

sign-3s4kpuhvpbtljys3zc9c16hu76heb8ckht906nu35pdob.website.yandexcloud[.]net

Domain

sign-4uy5juyk7im1ugmf83tcku3hv1i8m657lx80ete7ydi4x.website.yandexcloud[.]net

Domain

sign-6rpebn7cp3utj8o1x2gy4is0v2xsuxcgbicsya9uiq9e3.website.yandexcloud[.]net

Domain

sign-88uil4pl0fpucfx7pph9k69d4zt7op37s8mp6o2pufewq.website.yandexcloud[.]net

Domain

sign-9k5lxzeas65i9wl40pcnygswla0chj5kyuvzbs1j.website.yandexcloud[.]net

Domain

sign-ajo1zyl2rgiwtakzwrq2kd6uvp58qoeix6n97a85.website.yandexcloud[.]net

Domain

sign-fwntrlrmf9v2kmu06nk56344m1y6bt1ty2m2vd4yt5jvj.website.yandexcloud[.]net

Domain

sign-ltcnxoz0cpljf6oej7a5jxai9wqiycc9z6zzi8ga9e7s9.website.yandexcloud[.]net

Domain

sign-opl30frwbffz79ny9noiyy7gwb17vgds44pn8n1s.website.yandexcloud[.]net

Domain

sign-qcpwv20zlwxdulkqv7f5hjwbmctwq35763za7b47opubv.website.yandexcloud[.]net

Domain

sign-ubl0azl7oxbvf02cqjla8wqff2o1acc0weqveoy7nj3qw.website.yandexcloud[.]net

Domain

sign-vjrctc1utf9cc2ippib7jrfb0ibgvkyvs58g1owhcksco.website.yandexcloud[.]net

Domain

sign-xuedk7ci6iyyllhilbui97h6ajufq8xr5eh9jt3o0qm.website.yandexcloud[.]net

Domain

sign-zclwo5qvsr9quu5c5lxvn9x9hg20zqws1u7itosvwuvyo.website.yandexcloud[.]net