#threatintelligence

124 posts · 26 participants · 10 posts today

We have detected a recent malware campaign originating from a Türkiye IP. The campaign involved SnakeKeyLogger and XWorm, sent via emails primarily from `mail.haselayakkabi[.]com[.]tr` (SMTP IP: 45[.]144[.]214[.]104). The subject line was "<Recipient> received a new documents" with attachments like "SCS AWB and Commercial Invoice.rar" and a PNG of the Dropbox logo. Be cautious and stay safe!
The combination of XWorm and SnakeKeyLogger represents a significant threat to privacy, and is capable of stealing passwords, recording keystrokes, and exfiltrating the data using SMTP and Telegram.

Malware Analysis: tria.ge/250205-bqhf9stndn
Stay vigilant, everyone! 💻🔒

#malware #snakekeylogger #xworm #phishing #dns #mastodon #threatintel #cybercrime #threatintelligence #cybersecurity #infosec #infoblox #infobloxthreatintel

tria.ge: snakekeylogger | 512c9cc2ff12a390c6d3e9cb8c333230116361297920d724fbd847d4b6e1c7cc | Triage. Check this snakekeylogger report malware sample 512c9cc2ff12a390c6d3e9cb8c333230116361297920d724fbd847d4b6e1c7cc, with a score of 10 out of 10.

🚨New ransom group blog posts!🚨

Group name: ransomhub
Post title: www.jsp.com
Info: cti.fyi/groups/ransomhub.html

Group name: ransomhub
Post title: kaplanstahler.com
Info: cti.fyi/groups/ransomhub.html

Group name: ransomhub
Post title: sdfab.com
Info: cti.fyi/groups/ransomhub.html

Group name: ransomhub
Post title: bazcooil.com
Info: cti.fyi/groups/ransomhub.html

Group name: ransomhub
Post title: komline.com
Info: cti.fyi/groups/ransomhub.html

Group name: bashe
Post title: ome.tv | SOLD
Info: cti.fyi/groups/bashe.html
