1.
abuse.ch
@abuse_ch
Vidar using Mastodon instance used by threat researchers for botnet command&control (ioc .exchange)
Malware samp… twitter.com/i/web/status/1…
Malware samp… twitter.com/i/web/status/1…
2.
abuse.ch
@abuse_ch
Gozi targeting Italy
url->zip->smb->exe
Payload URLs:
urlhaus.abuse.ch/browse/tag/771…
Payload:
… twitter.com/i/web/status/1…
url->zip->smb->exe
Payload URLs:
urlhaus.abuse.ch/browse/tag/771…
Payload:
… twitter.com/i/web/status/1…
3.
4.
5.
6.
7.
abuse.ch
@abuse_ch
Here's another reason why you should share malware distribution sites on #URLhaus
We push confirmed malware… twitter.com/i/web/status/1…
We push confirmed malware… twitter.com/i/web/status/1…
abuse.ch
@abuse_ch
Qakbot (aka Qbot) emerging URLhaus now tracks 4 times more active malware distribution sites compared to end of S… twitter.com/i/web/status/1…
abuse.ch
@abuse_ch
Who can label this malware family? 🪲
C2s
http://dixiel22 .top/gate.php
http://dixuip12 .top/gate.php
http://ula… twitter.com/i/web/status/1…
C2s
http://dixiel22 .top/gate.php
http://dixuip12 .top/gate.php
http://ula… twitter.com/i/web/status/1…
abuse.ch
@abuse_ch
Dealing with malware is like: "Hey, I have this batch of 50k malware samples. You want them?"
Turns out that 95%… twitter.com/i/web/status/1…
Turns out that 95%… twitter.com/i/web/status/1…
abuse.ch
@abuse_ch
In August 2021, 11'295 (+25% ) malware samples have been shared on MalwareBazaar
Top contributors
2'576… twitter.com/i/web/status/1…
Top contributors
2'576… twitter.com/i/web/status/1…
8.
9.
10.
11.
abuse.ch
@abuse_ch
FedEx themed credit card phishing, embedding the phishing URL in a QR code instead of the email body 🪝
sgservicec… twitter.com/i/web/status/1…
sgservicec… twitter.com/i/web/status/1…
abuse.ch
@abuse_ch
Did you know that there are daily MISP events available for URLhaus, MalwareBazaar and ThreatFox?
URLhaus:
… twitter.com/i/web/status/1…
URLhaus:
… twitter.com/i/web/status/1…
abuse.ch
@abuse_ch
Watch out for malicious VBS and JS files in emails, distributing Dridex (botnet: 40112)
JS:… twitter.com/i/web/status/1…
JS:… twitter.com/i/web/status/1…
abuse.ch
@abuse_ch
Malspam with weaponized XLS file distributing #Ostap
Payload on MalwareBazaar:
bazaar.abuse.ch/sample/a2ed32e…
Payloa… twitter.com/i/web/status/1…
Payload on MalwareBazaar:
bazaar.abuse.ch/sample/a2ed32e…
Payloa… twitter.com/i/web/status/1…
...but wait! There's more!
1.
fakhright
@fakhright
astaghfirullah peng.krim guaaaaaaaa..............a *salto sambil solat*
