English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#spynote search results

guelfoweb's profile picture. Cybersecurity Team Lead at CERT-AGID @AgidCert Agenzia per l'Italia Digitale (AGID) @AgidGov Tweets are my own
Gianni Amato
 @guelfoweb
Oct 23

Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).

guelfoweb's tweet image. Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).
2
5
16
3
2K
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
Jan 2, 2024

This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.

0x6rss's tweet image. This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
Jan 2, 2024

who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.

banthisguy9349's tweet image. who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.
24
37
289
139
103K
2
6
41
14
13K
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
Dec 8, 2023

⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…

1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
2
23
75
20
12K
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
Mar 6, 2024

#android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam

0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
3
2
25
7
11K
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
Aug 14, 2024

🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…

1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
4
26
51
8
8K
g0njxa's profile picture. ChatGPT says I'm a cyber researcher :) | donate 💸 to g0njxa.eth 💖 | Bad student, enthusiast, defo not an expert DMs are open, feel free to reach! 😼☂️🟣
Who said what?
@g0njxa
Apr 23, 2024

⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀

g0njxa's tweet image. ⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀
g0njxa's tweet image. ⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀
g0njxa's tweet image. ⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀
2
16
34
18
5K
alberto__segura's profile picture. @rustlang. https://t.co/Y1Q9IwqyV1 https://t.co/i9XY4NOLQW
Alberto Segura
 @alberto__segura
Mar 31

#Spynote campaign targeting Poland Distribution with a fake website looking like the Google Play: https://pltraf111.pages[.]dev/ hash: 71351a9013e7cfbe959d1ea78d1f7bf4bc2cb08a5716725c8434a911149099f3 C2: 45.88.79.231:7771

alberto__segura's tweet image. #Spynote campaign targeting Poland Distribution with a fake website looking like the Google Play: https://pltraf111.pages[.]dev/ hash: 71351a9013e7cfbe959d1ea78d1f7bf4bc2cb08a5716725c8434a911149099f3 C2: 45.88.79.231:7771
0
2
9
0
749
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
Jul 29, 2024

#spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.

banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
2
2
20
2
2K
AndreaDraghetti's profile picture. aka Drego. Head of Cyber Threat Intelligence at @D3LabIT! @PhishingArmy, #meioc is my projects and @backbox_org dev! My passions are #F1 and #Running!
Andrea (Drego) Draghetti 👨🏻‍💻 🎣
 @AndreaDraghetti
Sep 3, 2024

Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…

AndreaDraghetti's tweet image. Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…
D3LabIT's profile picture. D3Lab Srl - A Full-Service Cyber Agency
D3Lab
 @D3LabIT
Sep 3, 2024

🚨 Nuova campagna di phishing bancario diffonde il #malware Android #EagleSpy! ℹ️ Questa applicazione malevola similare a #CraxsRAT e #SpyNote sottrare informazioni sensibili dallo smartphone #Android della vittima! 👉 d3lab.net/nuova-campagna… #cybersecurity #mwitaly #ioc

D3LabIT's tweet card. Una recente campagna di phishing sta diffondendo il malware Android EagleSpy, un potente RAT in grado di rubare dati sensibili attraverso false app bancarie. Analizziamo le somiglianze tecniche con...
Nuova Campagna di Phishing diffonde malware Android EagleSpy
Source: d3lab.net
0
4
7
1
6K
2
9
15
2
2K
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
Jul 14, 2024

#spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs

banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
4
7
39
20
10K
DomainTools's profile picture. A global leader for internet #intel that enables security practitioners to proactively defend their organization in a constantly evolving threat landscape.
DomainTools
 @DomainTools
Aug 25

A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…

DomainTools's tweet image. A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…
0
7
21
5
2K
alberto__segura's profile picture. @rustlang. https://t.co/Y1Q9IwqyV1 https://t.co/i9XY4NOLQW
Alberto Segura
 @alberto__segura
Mar 26

#Spynote campaign using fake VISA app Distribution: https://visasecurity[.]net/ C2: 172.86.93.104:7771 hash: 6b1179c23a7502b4dea7f9bde7dde3d4b5b97c64f634ff3471a1d3d27390f3b1 (The PC download button does nothing)

alberto__segura's tweet image. #Spynote campaign using fake VISA app Distribution: https://visasecurity[.]net/ C2: 172.86.93.104:7771 hash: 6b1179c23a7502b4dea7f9bde7dde3d4b5b97c64f634ff3471a1d3d27390f3b1 (The PC download button does nothing)
0
0
3
2
346
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
Apr 17

+ haorizi888[.]top #SpyNote

skocherhan's tweet image. + haorizi888[.]top #SpyNote
SecuritySnacks's profile picture. Proactive defense starts with bite-sized #threatintel from the @DomainTools Security Research team. #SnackThePlanet #infosec
SecuritySnacks
 @SecuritySnacks
Apr 10

🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…

SecuritySnacks's tweet image. 🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…
1
6
10
0
1K
0
1
3
0
269
quarkengine's profile picture. Dig Vulnerabilities in the BlackBox Presented at DEFCON 28 Blue Team Village and BHASIA Arsenal 2021, 2024 #DEFCON #BHASIA #MobileSecurity #AndroidSecurity
Quark Engine
 @quarkengine
Sep 26

🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ

quarkengine's tweet image. 🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ
0
3
6
0
176
Cyberteam008's profile picture. Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Cyber Team
 @Cyberteam008
Jun 28, 2024

Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc

Cyberteam008's tweet image. Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc
1
9
29
9
4K
RacWatchin8872's profile picture. Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
WatchingRac
 @RacWatchin8872
Jun 12, 2024

#Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)

RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
2
4
19
4
3K
prashant_92's profile picture. #InfoSec n00b @garage4hackers from the Himalayas | CTI enthusiast decoding cyber puzzles | SOF watchdog, #OSINTforGood | Hiker, Bikepacker on Cycle
Prashant Uniyal 🇮🇳
 @prashant_92
Oct 28

#Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded

prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
0
2
3
0
1K
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
Jun 5, 2024

http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk

banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
1
6
28
8
4K
quarkengine's profile picture. Dig Vulnerabilities in the BlackBox Presented at DEFCON 28 Blue Team Village and BHASIA Arsenal 2021, 2024 #DEFCON #BHASIA #MobileSecurity #AndroidSecurity
Quark Engine
 @quarkengine
Sep 26

🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ

quarkengine's tweet image. 🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ
0
3
6
0
176
venombrt99's profile picture. telegram @venombrt Remote control tools For Educational purpose. you will be fully responsible for any illegal activity .
BRT
 @venombrt99
Sep 21

Android RAT 远程控制任何设备。 #craxrat #eaglespy #spynote #spyware

venombrt99's tweet image. Android RAT 远程控制任何设备。 #craxrat #eaglespy #spynote #spyware
1
0
0
0
136
venombrt99's profile picture. telegram @venombrt Remote control tools For Educational purpose. you will be fully responsible for any illegal activity .
BRT
 @venombrt99
Sep 21

Android RAT удаленно управляет любым устройством. #craxrat #eaglespy #spynote #шпионское ПО telegram @ venombrt

venombrt99's tweet image. Android RAT удаленно управляет любым устройством. #craxrat #eaglespy #spynote #шпионское ПО telegram @ venombrt
0
0
0
0
89
DomainTools's profile picture. A global leader for internet #intel that enables security practitioners to proactively defend their organization in a constantly evolving threat landscape.
DomainTools
 @DomainTools
Aug 25

A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…

DomainTools's tweet image. A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…
0
7
21
5
2K
TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
Aug 23

Fake Google Play Store sites deliver Android SpyNote RAT via APK droppers using dynamic decryption, DEX injection, and anti-analysis tactics. Targets include spoofed Chrome, CamSoda, and iHappy apps. #SpyNote #AndroidThreat #MalwareIndia ift.tt/xQlcgPK

TweetThreatNews's tweet card. Deceptive websites cloned from the Google Play Store are delivering AndroidOS SpyNote RAT via APK droppers that use dynamic payload decryption, DEX element injection, and added anti-analysis techni...
SpyNote Malware Part 2
Source: hendryadrian.com
0
0
1
0
158
SecuritySnacks's profile picture. Proactive defense starts with bite-sized #threatintel from the @DomainTools Security Research team. #SnackThePlanet #infosec
SecuritySnacks
 @SecuritySnacks
Aug 22

A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users: dti.domaintools.com/spynote-malwar…

SecuritySnacks's tweet image. A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users: dti.domaintools.com/spynote-malwar…
0
0
2
0
107
DomainTools's profile picture. A global leader for internet #intel that enables security practitioners to proactively defend their organization in a constantly evolving threat landscape.
DomainTools
 @DomainTools
Aug 22

A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…

DomainTools's tweet image. A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…
0
1
2
0
377
threatintel's profile picture. Symantec and Carbon Black's threat hunters bring you the latest threat intelligence from the IT security world.
Threat Intelligence
 @threatintel
Aug 22

#ThreatProtection #SpyNote campaign abuses IBM Trusteer branding with a fake “Mobile” app. broadcom.com/support/securi…

0
2
4
1
1K
saltcontrol's profile picture. The #1 secure enterprise #communications company within the #Cybersecurity 500. A software solution that enables absolute privacy in #mobile communications.
Salt Communications
 @saltcontrol
Jul 20

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms

saltcontrol's tweet image. SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms
0
0
0
0
70
_mostwanted002_'s profile picture. I don’t want luxury, I demand prosperity. (aka DoS King) “Death can have me, when it earns me.”
Mayank Malik
 @_mostwanted002_
Jul 18

Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov

_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
0
1
4
0
567
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
Jun 17

🤖 Android devices can be a major cybersecurity hazard for businesses. See how #ANYRUN helps with early detection of malicious APKs to prevent costly incidents. Analysis of #SalvadorStealer and #SpyNote inside 👇 any.run/cybersecurity-…

anyrun_app's tweet card. Discover how Android apps compromise businesses’ security and learn about the power of sandbox analysis for early detection of cyber threats.
Why Businesses Are at Risk of Android Malware Attacks
Source: any.run
0
4
6
1
1K
saltcontrol's profile picture. The #1 secure enterprise #communications company within the #Cybersecurity 500. A software solution that enables absolute privacy in #mobile communications.
Salt Communications
 @saltcontrol
May 18

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms

saltcontrol's tweet image. SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms
0
0
0
0
125
alphahunt_io's profile picture. Have a cyber/threat intel question? Just ask (or DM us)! https://t.co/x2Zgwjn6Q0 https://t.co/X7ESf3GDN2 by https://t.co/VS7Okzofao
AlphaHunt Intelligence
@alphahunt_io
May 2

📱 Oh, you're still doing your own threat intel? Cute. Meanwhile, #SpyNote, #BadBazaar, and #MOONSHINE are redecorating your Android's insides. But hey, that "Update phone?" sticky note is probably doing wonders. 📅 Read the blog. Save a SOC manager. Maybe yourself. 👉…

0
1
1
0
22
saltcontrol's profile picture. The #1 secure enterprise #communications company within the #Cybersecurity 500. A software solution that enables absolute privacy in #mobile communications.
Salt Communications
 @saltcontrol
Apr 28

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms

saltcontrol's tweet image. SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms
0
0
0
0
108
alphahunt_io's profile picture. Have a cyber/threat intel question? Just ask (or DM us)! https://t.co/x2Zgwjn6Q0 https://t.co/X7ESf3GDN2 by https://t.co/VS7Okzofao
AlphaHunt Intelligence
@alphahunt_io
Apr 27

📱 Oh no big deal—just a few charming little #malware gremlins named #SpyNote, #BadBazaar, and #MOONSHINE having a party on your Android. But hey, I’m sure that “Update phone?” sticky note is doing wonders. 📅 Read the blog. Save a SOC manager. Maybe yourself. 👉…

0
1
2
0
51
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
Jan 2, 2024

This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.

0x6rss's tweet image. This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
Jan 2, 2024

who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.

banthisguy9349's tweet image. who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.
24
37
289
139
103K
2
6
41
14
13K
BlinkzSec's profile picture. From Call Center Agent to Operation Centre Analyst 24/7 Shift Worker Interest in security - still a newbie
blinkz
@BlinkzSec
Mar 31, 2024

#spynote found ->hxxps://www.virustotal.com/gui/file/a1de866d5f75b3f31becb07f4660e2a3cc29d242888be38fadb5a54657156745 #opendir

BlinkzSec's tweet image. #spynote found ->hxxps://www.virustotal.com/gui/file/a1de866d5f75b3f31becb07f4660e2a3cc29d242888be38fadb5a54657156745 #opendir
0
0
2
0
294
guelfoweb's profile picture. Cybersecurity Team Lead at CERT-AGID @AgidCert Agenzia per l'Italia Digitale (AGID) @AgidGov Tweets are my own
Gianni Amato
 @guelfoweb
Oct 23

Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).

guelfoweb's tweet image. Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).
2
5
16
3
2K
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
Dec 8, 2023

⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…

1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
2
23
75
20
12K
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
Mar 6, 2024

#android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam

0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
3
2
25
7
11K
Cyberteam008's profile picture. Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Cyber Team
 @Cyberteam008
Jun 28, 2024

Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc

Cyberteam008's tweet image. Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc
1
9
29
9
4K
g0njxa's profile picture. ChatGPT says I'm a cyber researcher :) | donate 💸 to g0njxa.eth 💖 | Bad student, enthusiast, defo not an expert DMs are open, feel free to reach! 😼☂️🟣
Who said what?
@g0njxa
Apr 23, 2024

⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀

g0njxa's tweet image. ⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀
g0njxa's tweet image. ⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀
g0njxa's tweet image. ⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀
2
16
34
18
5K
raghav127001's profile picture. Threat Analysis Engineer @gendigitalinc |Hunting Malware with a Passion
Raghav Rastogi
 @raghav127001
May 24, 2024

http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf

raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
0
1
5
1
1K
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
Jul 29, 2024

#spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.

banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
2
2
20
2
2K
V3n0mStrike's profile picture. Entusiasta de la Ciberseguridad 🌐🔍 // CTF Player ☕️🚩// Guitarrista autodidacta 🎸🎶
Ven0m
 @V3n0mStrike
Dec 27, 2023

#AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…

V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…
V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…
V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…
0
2
7
1
730
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
Jul 14, 2024

#spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs

banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
4
7
39
20
10K
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
Apr 17

+ haorizi888[.]top #SpyNote

skocherhan's tweet image. + haorizi888[.]top #SpyNote
SecuritySnacks's profile picture. Proactive defense starts with bite-sized #threatintel from the @DomainTools Security Research team. #SnackThePlanet #infosec
SecuritySnacks
 @SecuritySnacks
Apr 10

🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…

SecuritySnacks's tweet image. 🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…
1
6
10
0
1K
0
1
3
0
269
RacWatchin8872's profile picture. Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
WatchingRac
 @RacWatchin8872
Jun 12, 2024

#Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)

RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
2
4
19
4
3K
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
Aug 14, 2024

🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…

1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
4
26
51
8
8K
AndreaDraghetti's profile picture. aka Drego. Head of Cyber Threat Intelligence at @D3LabIT! @PhishingArmy, #meioc is my projects and @backbox_org dev! My passions are #F1 and #Running!
Andrea (Drego) Draghetti 👨🏻‍💻 🎣
 @AndreaDraghetti
Sep 3, 2024

Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…

AndreaDraghetti's tweet image. Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…
D3LabIT's profile picture. D3Lab Srl - A Full-Service Cyber Agency
D3Lab
 @D3LabIT
Sep 3, 2024

🚨 Nuova campagna di phishing bancario diffonde il #malware Android #EagleSpy! ℹ️ Questa applicazione malevola similare a #CraxsRAT e #SpyNote sottrare informazioni sensibili dallo smartphone #Android della vittima! 👉 d3lab.net/nuova-campagna… #cybersecurity #mwitaly #ioc

D3LabIT's tweet card. Una recente campagna di phishing sta diffondendo il malware Android EagleSpy, un potente RAT in grado di rubare dati sensibili attraverso false app bancarie. Analizziamo le somiglianze tecniche con...
Nuova Campagna di Phishing diffonde malware Android EagleSpy
Source: d3lab.net
0
4
7
1
6K
2
9
15
2
2K
Cyberteam008's profile picture. Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Cyber Team
 @Cyberteam008
Mar 6, 2024

#Fofabot Query for #SpyNote #Malware Query: title=="SpyNote Encryptor" IOCs: https://panel.spynote[.]us 109.248.59[.]212 45.130.151[.]211

Cyberteam008's tweet image. #Fofabot Query for #SpyNote #Malware Query: title=="SpyNote Encryptor" IOCs: https://panel.spynote[.]us 109.248.59[.]212 45.130.151[.]211
1
2
4
1
832
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
Jun 5, 2024

http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk

banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
1
6
28
8
4K
prashant_92's profile picture. #InfoSec n00b @garage4hackers from the Himalayas | CTI enthusiast decoding cyber puzzles | SOF watchdog, #OSINTforGood | Hiker, Bikepacker on Cycle
Prashant Uniyal 🇮🇳
 @prashant_92
Oct 28

#Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded

prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
0
2
3
0
1K

Something went wrong.


Something went wrong.


United States Trends