Gamedev Mastodon

2 posts2 participants0 posts today

Center of the UniverseFree event in one week - Pumpegris is playing live as well! <a href="https://mastodon.social/tags/folkmusic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#folkmusic</a> <a href="https://mastodon.social/tags/norway" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#norway</a> <a href="https://mastodon.social/tags/trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojan</a>

OTX BotWeaponized Words: Uyghur Language Software Hijacked to Deliver MalwareThis analysis details a spearphishing campaign targeting senior members of the World Uyghur Congress (WUC) in March 2025. The attackers used a trojanized version of a legitimate Uyghur language text editor to deliver Windows-based malware for remote surveillance. While not technically advanced, the malware delivery was well-customized to reach the Uyghur community. This incident is part of a broader pattern of digital transnational repression against Uyghur diaspora by actors likely aligned with the Chinese government. The malware profiled systems, sent information to remote servers, and could load additional malicious plugins. The campaign demonstrates the ongoing digital threats facing exiled Uyghur communities and the exploitation of software meant to support marginalized cultures.Pulse ID: 680f07377e6aaa99a9dafcc4 Pulse Link: <a href="https://otx.alienvault.com/pulse/680f07377e6aaa99a9dafcc4" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/680f07377e6aaa99a9dafcc4</a> Pulse Author: AlienVault Created: 2025-04-28 04:42:31Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/Chinese" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chinese</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/Government" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Government</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/SpearPhishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SpearPhishing</a> <a href="https://social.raytec.co/tags/TextEditor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TextEditor</a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://social.raytec.co/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://social.raytec.co/tags/Word" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Word</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

PrivacyDigestNew <a href="https://mas.to/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Android</a> <a href="https://mas.to/tags/spyware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#spyware</a> is targeting <a href="https://mas.to/tags/Russian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russian</a> <a href="https://mas.to/tags/military" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#military</a> personnel on the front lines - Ars Technica<a href="https://mas.to/tags/Trojanized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojanized</a> <a href="https://mas.to/tags/mapping" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mapping</a> app steals users' <a href="https://mas.to/tags/locations" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#locations</a> , <a href="https://mas.to/tags/contacts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#contacts</a> , and more. <a href="https://mas.to/tags/trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojan</a> <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://mas.to/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://mas.to/tags/russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#russia</a> <a href="https://arstechnica.com/security/2025/04/russian-military-personnel-on-the-front-lines-targeted-with-new-android-spyware/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2025/04/russian-military-personnel-on-the-front-lines-targeted-with-new-android-spyware/</a>

Antinous the Gay God🪷 On 24 April 1184 BC Greeks sacked <a href="https://social.anoxinon.de/tags/Troy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Troy</a> by sneaking through the gates inside the <a href="https://social.anoxinon.de/tags/TrojanHorse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TrojanHorse</a>. <a href="https://social.anoxinon.de/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> warrior by gay illustrator J.C. <a href="https://social.anoxinon.de/tags/Leyendecker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Leyendecker</a>, saint of <a href="https://social.anoxinon.de/tags/Antinous" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Antinous</a>. 🪷

OTX BotNewly Registered Domains Distributing SpyNote MalwareCybercriminals are employing deceptive websites on newly registered domains to distribute AndroidOS SpyNote malware. These sites imitate the Google Chrome install page on the Google Play Store, tricking users into downloading SpyNote, a powerful Android remote access trojan. SpyNote is used for surveillance, data exfiltration, and remote control of infected devices. The investigation uncovered multiple domains, IP addresses, and APK files associated with this campaign. The malware utilizes various C2 endpoints for communication and data exfiltration, with functions designed to retrieve and manipulate device information, contacts, SMS, and applications.Pulse ID: 67feb504b76dd387be73309b Pulse Link: <a href="https://otx.alienvault.com/pulse/67feb504b76dd387be73309b" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67feb504b76dd387be73309b</a> Pulse Author: AlienVault Created: 2025-04-15 19:35:32Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/APK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APK</a> <a href="https://social.raytec.co/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Android</a> <a href="https://social.raytec.co/tags/Chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chrome</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/DoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DoS</a> <a href="https://social.raytec.co/tags/Endpoint" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Endpoint</a> <a href="https://social.raytec.co/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> <a href="https://social.raytec.co/tags/GooglePlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GooglePlay</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/RemoteAccessTrojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RemoteAccessTrojan</a> <a href="https://social.raytec.co/tags/SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SMS</a> <a href="https://social.raytec.co/tags/SpyNote" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SpyNote</a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

World Concert HallRight now, <a href="https://mastodon.world/tags/Mozart" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mozart</a> <a href="https://mastodon.world/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> with Sidorova, de Hartmann and <a href="https://mastodon.world/tags/Tchaikovsky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tchaikovsky</a> from <a href="https://mastodon.world/tags/Poole" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Poole</a> <a href="https://www.worldconcerthall.com/en/schedule/mozart_trojan_with_sidorova_de_hartmann_and_tchaikovsky_from_poole/86872/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.worldconcerthall.com/en/schedule/mozart_trojan_with_sidorova_de_hartmann_and_tchaikovsky_from_poole/86872/</a> <a href="https://mastodon.world/tags/wch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wch</a>

World Concert HallIn 15 minutes, <a href="https://mastodon.world/tags/Mozart" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mozart</a> <a href="https://mastodon.world/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> with Sidorova, de Hartmann and <a href="https://mastodon.world/tags/Tchaikovsky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tchaikovsky</a> from <a href="https://mastodon.world/tags/Poole" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Poole</a> <a href="https://www.worldconcerthall.com/en/schedule/mozart_trojan_with_sidorova_de_hartmann_and_tchaikovsky_from_poole/86872/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.worldconcerthall.com/en/schedule/mozart_trojan_with_sidorova_de_hartmann_and_tchaikovsky_from_poole/86872/</a> <a href="https://mastodon.world/tags/wch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wch</a>

Oliver BleesV I N Y L O V E <a href="https://pixelfed.social/discover/tags/buyvinyls?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#buyvinyls</a> <a href="https://pixelfed.social/discover/tags/vinyl?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#vinyl</a> <a href="https://pixelfed.social/discover/tags/vinylgram?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#vinylgram</a> <a href="https://pixelfed.social/discover/tags/reggae?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#reggae</a> <a href="https://pixelfed.social/discover/tags/trojan?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojan</a> <a href="https://pixelfed.social/discover/tags/rocksteady?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#rocksteady</a> <a href="https://pixelfed.social/discover/tags/bluebeat?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#bluebeat</a> <a href="https://pixelfed.social/discover/tags/mrnrnw?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#mrnrnw</a> <a href="https://pixelfed.social/discover/tags/makerockandrollnotwar?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#makerockandrollnotwar</a> <a href="https://pixelfed.social/discover/tags/makeskaandsoulnotwar?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#makeskaandsoulnotwar</a>

World Concert HallToday, <a href="https://mastodon.world/tags/Mozart" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mozart</a> <a href="https://mastodon.world/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> with Sidorova, de Hartmann and <a href="https://mastodon.world/tags/Tchaikovsky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Tchaikovsky</a> from <a href="https://mastodon.world/tags/Poole" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Poole</a> <a href="https://www.worldconcerthall.com/en/schedule/mozart_trojan_with_sidorova_de_hartmann_and_tchaikovsky_from_poole/86872/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.worldconcerthall.com/en/schedule/mozart_trojan_with_sidorova_de_hartmann_and_tchaikovsky_from_poole/86872/</a> <a href="https://mastodon.world/tags/wch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#wch</a>

OTX BotNewly Registered Domains Distributing SpyNote MalwareDeceptive websites hosted on newly registered domains are being used to deliver AndroidOS SpyNote malware, mimicking the Google Chrome install page on the Google Play Store. The campaign utilizes a mix of English and Chinese-language delivery sites, with Chinese-language comments in the code. The malware is distributed through a two-stage installation process, using an APK dropper to deploy the core SpyNote RAT. SpyNote is a potent Android remote access trojan capable of extensive surveillance, data exfiltration, and remote control. It aggressively requests numerous intrusive permissions, allowing for theft of sensitive data and significant remote access capabilities. The malware's keylogging functionality and ability to manipulate calls, activate cameras and microphones, and remotely wipe data make it a formidable tool for espionage and cybercrime.Pulse ID: 67f80a4aa4c9d5d796071af6 Pulse Link: <a href="https://otx.alienvault.com/pulse/67f80a4aa4c9d5d796071af6" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67f80a4aa4c9d5d796071af6</a> Pulse Author: AlienVault Created: 2025-04-10 18:13:30Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/APK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APK</a> <a href="https://social.raytec.co/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Android</a> <a href="https://social.raytec.co/tags/Chinese" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chinese</a> <a href="https://social.raytec.co/tags/Chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chrome</a> <a href="https://social.raytec.co/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberCrime</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/DoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DoS</a> <a href="https://social.raytec.co/tags/Espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Espionage</a> <a href="https://social.raytec.co/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> <a href="https://social.raytec.co/tags/GooglePlay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GooglePlay</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/Mimic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mimic</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/RemoteAccessTrojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RemoteAccessTrojan</a> <a href="https://social.raytec.co/tags/SpyNote" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SpyNote</a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

Muffin<a href="https://yiff.life/tags/corruption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#corruption</a> <a href="https://yiff.life/tags/tf" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tf</a> <a href="https://yiff.life/tags/transformation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#transformation</a> <a href="https://yiff.life/tags/furryNSFW" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#furryNSFW</a> <a href="https://yiff.life/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://yiff.life/tags/virus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#virus</a> <a href="https://yiff.life/tags/trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojan</a> <a href="https://yiff.life/tags/mobile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mobile</a> <a href="https://yiff.life/tags/phone" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phone</a>

Pyrzout :vm:Grandoreiro Strikes Again: Geofenced Phishing Attacks Target LATAM <a href="https://hackread.com/grandoreiro-strikes-geofenced-phishing-attacks-latam/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackread.com/grandoreiro-strikes-geofenced-phishing-attacks-latam/</a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://social.skynetcloud.site/tags/PhishingScam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PhishingScam</a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberAttack</a> <a href="https://social.skynetcloud.site/tags/Grandoreiro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Grandoreiro</a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.skynetcloud.site/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://social.skynetcloud.site/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Android</a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.skynetcloud.site/tags/TROJAN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TROJAN</a> <a href="https://social.skynetcloud.site/tags/LATAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LATAM</a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Scam</a>

OTX BotDeobfuscating APT28's HTA Trojan: A Deep Dive into VBE Techniques & Multi-Layer ObfuscationThis analysis delves into APT28's cyber espionage campaign targeting Central Asia and Kazakhstan diplomatic relations, focusing on their HTA Trojan. The malware employs advanced obfuscation techniques, including VBE (VBScript Encoded) and multi-layer obfuscation. The investigation uses x32dbg debugging to decode the obfuscated code, revealing a custom map algorithm for character deobfuscation. The process involves decoding strings using embedded characters from Windows vbscript.dll. The analysis identifies the use of Microsoft's Windows Script Encoder (screnc.exe) to create VBE files. By employing various deobfuscation techniques, including a Python script, the final malware sample is extracted and analyzed, showcasing APT28's evolving tactics in cyber espionage.Pulse ID: 67efc6e712b49d46c1423ca9 Pulse Link: <a href="https://otx.alienvault.com/pulse/67efc6e712b49d46c1423ca9" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67efc6e712b49d46c1423ca9</a> Pulse Author: AlienVault Created: 2025-04-04 11:47:51Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/APT28" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APT28</a> <a href="https://social.raytec.co/tags/Asia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Asia</a> <a href="https://social.raytec.co/tags/CentralAsia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CentralAsia</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/Espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Espionage</a> <a href="https://social.raytec.co/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ICS</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Kazakhstan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kazakhstan</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Python</a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://social.raytec.co/tags/VBS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VBS</a> <a href="https://social.raytec.co/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

securityaffairsExperts warn of the new sophisticate <a href="https://infosec.exchange/tags/Crocodilus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Crocodilus</a> <a href="https://infosec.exchange/tags/mobile" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mobile</a> <a href="https://infosec.exchange/tags/banking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#banking</a> <a href="https://infosec.exchange/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://securityaffairs.com/175976/malware/new-sophisticate-crocodilus-mobile-banking-trojan.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityaffairs.com/175976/malware/new-sophisticate-crocodilus-mobile-banking-trojan.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a>

securityaffairsCrooks are reviving the <a href="https://infosec.exchange/tags/Grandoreiro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Grandoreiro</a> <a href="https://infosec.exchange/tags/banking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#banking</a> <a href="https://infosec.exchange/tags/trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojan</a> <a href="https://securityaffairs.com/175964/malware/crooks-are-reviving-the-grandoreiro-banking-trojan.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityaffairs.com/175964/malware/crooks-are-reviving-the-grandoreiro-banking-trojan.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a>

CybernewsRussians are once again ramping up their efforts to snoop on Ukrainian soldiers.<a href="https://infosec.exchange/tags/trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojan</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/Ukraine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ukraine</a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phishing</a> <a href="https://infosec.exchange/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://cnews.link/dark-crystal-trojan-ukrainians-signal-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cnews.link/dark-crystal-trojan-ukrainians-signal-1/</a>

OTX BotFile Hashes Analysis with Power BI from Data Stored in DShield SIEMThis analysis showcases the use of Power BI to examine file hash data from a DShield SIEM over a 60-day period. The process involved exporting data from Elastic Discover, importing it into Power BI, and creating visualizations for analysis. Key findings include the identification of an IP address (87.120.113.231) associated with RedTail malware, uploading six different files with multiple hashes. The analysis also revealed the reappearance of a previously identified Linux Trojan (Xorddos) from new IP addresses within the same subnet. Additionally, two strange filenames were discovered and investigated, with one identified as an IRCBot through VirusTotal. This method of large dataset analysis proves valuable in uncovering potentially overlooked or lost data through retrospective examination.Pulse ID: 67d2a955c677b493cb1eaa8f Pulse Link: <a href="https://otx.alienvault.com/pulse/67d2a955c677b493cb1eaa8f" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67d2a955c677b493cb1eaa8f</a> Pulse Author: AlienVault Created: 2025-03-13 09:45:57Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/0Day" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#0Day</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/DDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DDoS</a> <a href="https://social.raytec.co/tags/DShield" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DShield</a> <a href="https://social.raytec.co/tags/DoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DoS</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/LUA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LUA</a> <a href="https://social.raytec.co/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/Rust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rust</a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://social.raytec.co/tags/VirusTotal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VirusTotal</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

OTX BotTargeting of freelance developersNorth Korea-aligned cybercriminals are targeting freelance software developers through fake job offers and coding challenges containing malware. The campaign, dubbed DeceptiveDevelopment, uses two main malware families - BeaverTail and InvisibleFerret - to steal cryptocurrency wallets and login credentials. Attackers pose as recruiters on platforms like LinkedIn and GitHub, providing trojanized projects as part of fake interview processes. The malware steals browser data, cryptocurrency wallets, and system information, and can deploy remote access tools. Hundreds of victims globally have been observed across Windows, Linux and macOS systems. The operation shows increasing sophistication and is expected to continue evolving its tactics to target cryptocurrency users.Pulse ID: 67b81609424eb59f7dd64a0b Pulse Link: <a href="https://otx.alienvault.com/pulse/67b81609424eb59f7dd64a0b" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67b81609424eb59f7dd64a0b</a> Pulse Author: AlienVault Created: 2025-02-21 05:58:33Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/Browser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Browser</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> <a href="https://social.raytec.co/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ICS</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Korea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Korea</a> <a href="https://social.raytec.co/tags/LinkedIn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinkedIn</a> <a href="https://social.raytec.co/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://social.raytec.co/tags/Mac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mac</a> <a href="https://social.raytec.co/tags/MacOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MacOS</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NorthKorea</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://social.raytec.co/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://social.raytec.co/tags/developers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#developers</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af:A large-scale malware campaign dubbed "StaryDobry" has been targeting gamers worldwide with trojanized versions of cracked games such as Garry's Mod, BeamNG.drive, and Dyson Sphere Program. <a href="https://kolektiva.social/tags/MalwareAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MalwareAttacks</a> <a href="https://kolektiva.social/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://kolektiva.social/tags/Gamers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Gamers</a> <a href="https://www.bleepingcomputer.com/news/security/cracked-garrys-mod-beamngdrive-games-infect-gamers-with-miners/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/cracked-garrys-mod-beamngdrive-games-infect-gamers-with-miners/</a>

Lady Miss Penelope<a href="https://mastodon.social/tags/turningtoday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#turningtoday</a> <a href="https://mastodon.social/tags/trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojan</a> <a href="https://mastodon.social/tags/trojanrecords" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojanrecords</a> <a href="https://mastodon.social/tags/trojanqueens" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trojanqueens</a> <a href="https://mastodon.social/tags/loveisallibring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#loveisallibring</a> <a href="https://mastodon.social/tags/reggaeonvinyl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reggaeonvinyl</a> <a href="https://mastodon.social/tags/vinyl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vinyl</a> <a href="https://mastodon.social/tags/vinylonly" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vinylonly</a> <a href="https://mastodon.social/tags/queens" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#queens</a>

Recent searches

Search options

Administered by:

Server stats:

#trojan