VERY IMPORTANT

The report details an analysis of a smishing campaign involving domains disguising themselves as Apple services to trick users into divulging their login credentials or device information. By leveraging Validin's comprehensive passive DNS data and pivoting capabilities, the analysts were able to uncover a large infrastructure of related malicious domains used in the campaign, painting a clearer picture of the threat actor's tactics and enabling the creation of robust block lists.