Español
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#spynote resultados de búsqueda

banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
5 jun 2024

http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk

banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
1
6
28
8
4K
DomainTools's profile picture. A global leader for internet #intel that enables security practitioners to proactively defend their organization in a constantly evolving threat landscape.
DomainTools
 @DomainTools
25 ago

A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…

DomainTools's tweet image. A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…
0
7
21
5
2K
volrant136's profile picture. APT Infra Hunter | Threat Intel Researcher | CTIA | CRTO | eCTHP |
Demon
 @volrant136
27 oct

#Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21

volrant136's tweet image. #Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21
1
1
4
1
346
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
2 ene 2024

This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.

0x6rss's tweet image. This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2 ene 2024

who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.

banthisguy9349's tweet image. who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.
24
37
287
139
103K
2
6
41
13
13K
guelfoweb's profile picture. Cybersecurity Team Lead at CERT-AGID @AgidCert Agenzia per l'Italia Digitale (AGID) @AgidGov Tweets are my own
Gianni Amato
 @guelfoweb
23 oct 2024

Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).

guelfoweb's tweet image. Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).
2
5
16
3
2K
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
14 ago 2024

🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…

1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
4
26
51
8
8K
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
6 mar 2024

#android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam

0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
3
2
24
7
11K
quarkengine's profile picture. Dig Vulnerabilities in the BlackBox Presented at DEFCON 28 Blue Team Village and BHASIA Arsenal 2021, 2024 #DEFCON #BHASIA #MobileSecurity #AndroidSecurity
Quark Engine
 @quarkengine
26 sept

🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ

quarkengine's tweet image. 🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ
0
3
6
0
197
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
8 dic 2023

⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…

1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
2
23
75
20
12K
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
14 jul 2024

#spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs

banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
4
7
39
20
10K
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
17 abr

+ haorizi888[.]top #SpyNote

skocherhan's tweet image. + haorizi888[.]top #SpyNote
SecuritySnacks's profile picture. Proactive defense starts with bite-sized #threatintel from the @DomainTools Security Research team. #SnackThePlanet #infosec
SecuritySnacks
 @SecuritySnacks
10 abr

🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…

SecuritySnacks's tweet image. 🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…
1
6
10
0
1K
0
1
3
0
269
AndreaDraghetti's profile picture. aka Drego. Head of Cyber Threat Intelligence at @D3LabIT! @PhishingArmy, #meioc is my projects and @backbox_org dev! My passions are #F1 and #Running!
Andrea (Drego) Draghetti 👨🏻‍💻 🎣
 @AndreaDraghetti
3 sept 2024

Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…

AndreaDraghetti's tweet image. Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…
D3LabIT's profile picture. D3Lab Srl - A Full-Service Cyber Agency
D3Lab
 @D3LabIT
3 sept 2024

🚨 Nuova campagna di phishing bancario diffonde il #malware Android #EagleSpy! ℹ️ Questa applicazione malevola similare a #CraxsRAT e #SpyNote sottrare informazioni sensibili dallo smartphone #Android della vittima! 👉 d3lab.net/nuova-campagna… #cybersecurity #mwitaly #ioc

D3LabIT's tweet card. Una recente campagna di phishing sta diffondendo il malware Android EagleSpy, un potente RAT in grado di rubare dati sensibili attraverso false app bancarie. Analizziamo le somiglianze tecniche con...
Nuova Campagna di Phishing diffonde malware Android EagleSpy
Fuente: d3lab.net
0
4
7
1
6K
2
8
15
2
2K
alberto__segura's profile picture. @rustlang. https://t.co/Y1Q9IwqyV1 https://t.co/i9XY4NOLQW
Alberto Segura
 @alberto__segura
26 mar

#Spynote campaign using fake VISA app Distribution: https://visasecurity[.]net/ C2: 172.86.93.104:7771 hash: 6b1179c23a7502b4dea7f9bde7dde3d4b5b97c64f634ff3471a1d3d27390f3b1 (The PC download button does nothing)

alberto__segura's tweet image. #Spynote campaign using fake VISA app Distribution: https://visasecurity[.]net/ C2: 172.86.93.104:7771 hash: 6b1179c23a7502b4dea7f9bde7dde3d4b5b97c64f634ff3471a1d3d27390f3b1 (The PC download button does nothing)
0
0
3
2
349
alberto__segura's profile picture. @rustlang. https://t.co/Y1Q9IwqyV1 https://t.co/i9XY4NOLQW
Alberto Segura
 @alberto__segura
31 mar

#Spynote campaign targeting Poland Distribution with a fake website looking like the Google Play: https://pltraf111.pages[.]dev/ hash: 71351a9013e7cfbe959d1ea78d1f7bf4bc2cb08a5716725c8434a911149099f3 C2: 45.88.79.231:7771

alberto__segura's tweet image. #Spynote campaign targeting Poland Distribution with a fake website looking like the Google Play: https://pltraf111.pages[.]dev/ hash: 71351a9013e7cfbe959d1ea78d1f7bf4bc2cb08a5716725c8434a911149099f3 C2: 45.88.79.231:7771
0
2
9
0
753
RacWatchin8872's profile picture. Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
WatchingRac
 @RacWatchin8872
12 jun 2024

#Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)

RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
2
4
19
4
3K
ozuma5119's profile picture. I won't post any more to Twitter, see you on Bluesky
Osumi, Yusuke
 @ozuma5119
19 abr 2023

⚠️fake Android App [Rapport ラポート] #SpyNote #trojan IP: 194.124.216[.]154 (AS3214 xTom) Abused Brand: Bank of Japan 日本銀行 IoC: otx.alienvault.com/pulse/6440223b… 🦠/skin/client/signed10317c.apk bazaar.abuse.ch/sample/7c4fdf5… bazaar.abuse.ch/sample/841271e… @NaomiSuzuki_ @58_158_177_102 @bunnymaid

ozuma5119's tweet image. ⚠️fake Android App [Rapport ラポート] #SpyNote #trojan IP: 194.124.216[.]154 (AS3214 xTom) Abused Brand: Bank of Japan 日本銀行 IoC: otx.alienvault.com/pulse/6440223b… 🦠/skin/client/signed10317c.apk bazaar.abuse.ch/sample/7c4fdf5… bazaar.abuse.ch/sample/841271e… @NaomiSuzuki_ @58_158_177_102 @bunnymaid
ozuma5119's tweet image. ⚠️fake Android App [Rapport ラポート] #SpyNote #trojan IP: 194.124.216[.]154 (AS3214 xTom) Abused Brand: Bank of Japan 日本銀行 IoC: otx.alienvault.com/pulse/6440223b… 🦠/skin/client/signed10317c.apk bazaar.abuse.ch/sample/7c4fdf5… bazaar.abuse.ch/sample/841271e… @NaomiSuzuki_ @58_158_177_102 @bunnymaid
ozuma5119's tweet image. ⚠️fake Android App [Rapport ラポート] #SpyNote #trojan IP: 194.124.216[.]154 (AS3214 xTom) Abused Brand: Bank of Japan 日本銀行 IoC: otx.alienvault.com/pulse/6440223b… 🦠/skin/client/signed10317c.apk bazaar.abuse.ch/sample/7c4fdf5… bazaar.abuse.ch/sample/841271e… @NaomiSuzuki_ @58_158_177_102 @bunnymaid
2
5
11
0
3K
prashant_92's profile picture. #InfoSec n00b @garage4hackers from the Himalayas | CTI enthusiast decoding cyber puzzles | SOF watchdog, #OSINTforGood | Hiker, Bikepacker on Cycle
Prashant Uniyal 🇮🇳
 @prashant_92
28 oct 2024

#Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded

prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
0
2
3
0
1K
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
29 jul 2024

#spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.

banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
2
2
20
2
2K
volrant136's profile picture. APT Infra Hunter | Threat Intel Researcher | CTIA | CRTO | eCTHP |
Demon
 @volrant136
27 oct

#Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21

volrant136's tweet image. #Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21
1
1
4
1
346
quarkengine's profile picture. Dig Vulnerabilities in the BlackBox Presented at DEFCON 28 Blue Team Village and BHASIA Arsenal 2021, 2024 #DEFCON #BHASIA #MobileSecurity #AndroidSecurity
Quark Engine
 @quarkengine
26 sept

🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ

quarkengine's tweet image. 🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ
0
3
6
0
197
venombrt99's profile picture. telegram @venombrt Remote control tools For Educational purpose. you will be fully responsible for any illegal activity .
BRT
 @venombrt99
21 sept

Android RAT 远程控制任何设备。 #craxrat #eaglespy #spynote #spyware

venombrt99's tweet image. Android RAT 远程控制任何设备。 #craxrat #eaglespy #spynote #spyware
1
0
0
0
191
venombrt99's profile picture. telegram @venombrt Remote control tools For Educational purpose. you will be fully responsible for any illegal activity .
BRT
 @venombrt99
21 sept

Android RAT удаленно управляет любым устройством. #craxrat #eaglespy #spynote #шпионское ПО telegram @ venombrt

venombrt99's tweet image. Android RAT удаленно управляет любым устройством. #craxrat #eaglespy #spynote #шпионское ПО telegram @ venombrt
0
0
0
0
143
DomainTools's profile picture. A global leader for internet #intel that enables security practitioners to proactively defend their organization in a constantly evolving threat landscape.
DomainTools
 @DomainTools
25 ago

A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…

DomainTools's tweet image. A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…
0
7
21
5
2K
TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
23 ago

Fake Google Play Store sites deliver Android SpyNote RAT via APK droppers using dynamic decryption, DEX injection, and anti-analysis tactics. Targets include spoofed Chrome, CamSoda, and iHappy apps. #SpyNote #AndroidThreat #MalwareIndia ift.tt/xQlcgPK

TweetThreatNews's tweet card. Deceptive websites cloned from the Google Play Store are delivering AndroidOS SpyNote RAT via APK droppers that use dynamic payload decryption, DEX element injection, and added anti-analysis techni...
SpyNote Malware Part 2
Fuente: hendryadrian.com
0
0
1
0
166
SecuritySnacks's profile picture. Proactive defense starts with bite-sized #threatintel from the @DomainTools Security Research team. #SnackThePlanet #infosec
SecuritySnacks
 @SecuritySnacks
22 ago

A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users: dti.domaintools.com/spynote-malwar…

SecuritySnacks's tweet image. A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users: dti.domaintools.com/spynote-malwar…
0
0
2
0
111
DomainTools's profile picture. A global leader for internet #intel that enables security practitioners to proactively defend their organization in a constantly evolving threat landscape.
DomainTools
 @DomainTools
22 ago

A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…

DomainTools's tweet image. A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…
0
1
2
0
381
threatintel's profile picture. Symantec and Carbon Black's threat hunters bring you the latest threat intelligence from the IT security world.
Threat Intelligence
 @threatintel
22 ago

#ThreatProtection #SpyNote campaign abuses IBM Trusteer branding with a fake “Mobile” app. broadcom.com/support/securi…

0
2
4
1
1K
saltcontrol's profile picture. The #1 secure enterprise #communications company within the #Cybersecurity 500. A software solution that enables absolute privacy in #mobile communications.
Salt Communications
 @saltcontrol
20 jul

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms

saltcontrol's tweet image. SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms
0
0
0
0
73
_mostwanted002_'s profile picture. I don’t want luxury, I demand prosperity. (aka DoS King) “Death can have me, when it earns me.”
Mayank Malik
 @_mostwanted002_
18 jul

Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov

_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
_mostwanted002_'s tweet image. Android Malware Alert/PSA: mParivahan.apk #Spynote malware family. 2-stage IOCs: MD5: e4c7d672dec271226d5ff1a7da15e182 Payload: 9d0f2d607d48a8b5e3ce23315f86c004 tcp[:]//154[.]61[.]80[.]131[:]6666 tcp[:]//154[.]61[.]80[.]242[:]7771 Full report soon CC: @IndianCERT @MeityGov
0
1
4
0
576
the_yellow_fall's profile picture. Welcome to the Daily Cybersecurity site, your trusted source for cybersecurity news and insights since 2017!
Gray Hats
 @the_yellow_fall
20 jun

Researchers uncovered dozens of malicious Android apps disguised as popular programs on open servers, which are fronts for SpyNote spyware, harvesting sensitive user data. #AndroidSpyware #SpyNote #MobileSecurity #Cybersecurity #MalwareAlert securityonline.info/alert-hunt-io-…

the_yellow_fall's tweet card. Hunt.io researchers uncovered dozens of malicious Android apps disguised as popular programs on open servers, which are fronts for SpyNote spyware, harvesting sensitive user data.
Alert: Hunt.io Uncovers SpyNote Android Spyware Disguised as Popular Apps on Open Servers
Fuente: securityonline.info
0
0
1
0
259
anyrun_app's profile picture. Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
ANY.RUN
@anyrun_app
17 jun

🤖 Android devices can be a major cybersecurity hazard for businesses. See how #ANYRUN helps with early detection of malicious APKs to prevent costly incidents. Analysis of #SalvadorStealer and #SpyNote inside 👇 any.run/cybersecurity-…

anyrun_app's tweet card. Discover how Android apps compromise businesses’ security and learn about the power of sandbox analysis for early detection of cyber threats.
Why Businesses Are at Risk of Android Malware Attacks
Fuente: any.run
0
4
6
1
1K
saltcontrol's profile picture. The #1 secure enterprise #communications company within the #Cybersecurity 500. A software solution that enables absolute privacy in #mobile communications.
Salt Communications
 @saltcontrol
18 may

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms

saltcontrol's tweet image. SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms
0
0
0
0
126
alphahunt_io's profile picture. Have a cyber/threat intel question? Just ask (or DM us)! https://t.co/x2Zgwjn6Q0 https://t.co/X7ESf3GDN2 by https://t.co/VS7Okzofao
AlphaHunt Intelligence
@alphahunt_io
2 may

📱 Oh, you're still doing your own threat intel? Cute. Meanwhile, #SpyNote, #BadBazaar, and #MOONSHINE are redecorating your Android's insides. But hey, that "Update phone?" sticky note is probably doing wonders. 📅 Read the blog. Save a SOC manager. Maybe yourself. 👉…

alphahunt_io's tweet card. SpyNote, BadBazaar, and MOONSHINE are prominent mobile malware families primarily targeting Android devices.
Mobile Malware Threats: SpyNote, BadBazaar, and MOONSHINE
Fuente: blog.alphahunt.io
0
1
1
0
22
saltcontrol's profile picture. The #1 secure enterprise #communications company within the #Cybersecurity 500. A software solution that enables absolute privacy in #mobile communications.
Salt Communications
 @saltcontrol
28 abr

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms

saltcontrol's tweet image. SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps buff.ly/EO4CWQ7 #Malware #SpyNote #Android #iOS #SecureComms #MobileComms
0
0
0
0
108
BlinkzSec's profile picture. From Call Center Agent to Operation Centre Analyst 24/7 Shift Worker Interest in security - still a newbie
blinkz
@BlinkzSec
31 mar 2024

#spynote found ->hxxps://www.virustotal.com/gui/file/a1de866d5f75b3f31becb07f4660e2a3cc29d242888be38fadb5a54657156745 #opendir

BlinkzSec's tweet image. #spynote found ->hxxps://www.virustotal.com/gui/file/a1de866d5f75b3f31becb07f4660e2a3cc29d242888be38fadb5a54657156745 #opendir
0
0
2
0
294
guelfoweb's profile picture. Cybersecurity Team Lead at CERT-AGID @AgidCert Agenzia per l'Italia Digitale (AGID) @AgidGov Tweets are my own
Gianni Amato
 @guelfoweb
23 oct 2024

Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).

guelfoweb's tweet image. Similarity between #EagleSpy and #SpyNote from a year ago (October 2023).
2
5
16
3
2K
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
5 jun 2024

http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk

banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
banthisguy9349's tweet image. http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
1
6
28
8
4K
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
6 mar 2024

#android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam

0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
0x6rss's tweet image. #android #spynote hxxps://45.130.151.211/ 🤔@malwrhunterteam
3
2
24
7
11K
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
14 ago 2024

🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…

1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
4
26
51
8
8K
1ZRR4H's profile picture. 🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher en https://t.co/rDrSxZASB3 | @CuratedIntel Member | 🥷🧠🇨🇱
Germán Fernández
@1ZRR4H
8 dic 2023

⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…

1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
1ZRR4H's tweet image. ⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
2
23
75
20
12K
0x6rss's profile picture. OSINT & malware enthusiast, CTI analyst https://t.co/GcA9VSLYkR
0x6rss
@0x6rss
2 ene 2024

This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.

0x6rss's tweet image. This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
2 ene 2024

who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.

banthisguy9349's tweet image. who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.
24
37
287
139
103K
2
6
41
13
13K
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
29 jul 2024

#spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.

banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
banthisguy9349's tweet image. #spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
2
2
20
2
2K
raghav127001's profile picture. Threat Analysis Engineer @gendigitalinc |Hunting Malware with a Passion
Raghav Rastogi
 @raghav127001
24 may 2024

http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf

raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
0
1
5
1
1K
banthisguy9349's profile picture. Just a person who is against cyber crime and dictators like Putin
Fox_threatintel
 @banthisguy9349
14 jul 2024

#spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs

banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
banthisguy9349's tweet image. #spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
4
7
39
20
10K
skocherhan's profile picture. Digital nomad, exploring the cyber frontier.
ܛܔܔܔܛܔܛܔܛ
@skocherhan
17 abr

+ haorizi888[.]top #SpyNote

skocherhan's tweet image. + haorizi888[.]top #SpyNote
SecuritySnacks's profile picture. Proactive defense starts with bite-sized #threatintel from the @DomainTools Security Research team. #SnackThePlanet #infosec
SecuritySnacks
 @SecuritySnacks
10 abr

🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…

SecuritySnacks's tweet image. 🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…
1
6
10
0
1K
0
1
3
0
269
naumovax's profile picture. pt malicious network traffic researcher, speaker / this blog about new malware & interesting С2 communication & my work life
Kseniia \n
 @naumovax
17 mar

Find 10 differences / Yet another #SpyNote 🤖 Today I read medium.com/s2wblog/detail… about DocSwap After research I found the old article about C2 communication SpyNote (#android #spyware) - bulldogjob.pl/articles/1200-… C2: 204.12.253[.]10:6834 - the network protocol is identical ⬇️

naumovax's tweet image. Find 10 differences / Yet another #SpyNote 🤖 Today I read medium.com/s2wblog/detail… about DocSwap After research I found the old article about C2 communication SpyNote (#android #spyware) - bulldogjob.pl/articles/1200-… C2: 204.12.253[.]10:6834 - the network protocol is identical ⬇️
1
14
41
8
8K
prashant_92's profile picture. #InfoSec n00b @garage4hackers from the Himalayas | CTI enthusiast decoding cyber puzzles | SOF watchdog, #OSINTforGood | Hiker, Bikepacker on Cycle
Prashant Uniyal 🇮🇳
 @prashant_92
28 oct 2024

#Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded

prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
prashant_92's tweet image. #Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
0
2
3
0
1K
RacWatchin8872's profile picture. Threat Intelligence. My Opinions Thanks @silentpush, @censysio, @ValidinLLC, @anyrun_app for making my research easier.
WatchingRac
 @RacWatchin8872
12 jun 2024

#Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)

RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
RacWatchin8872's tweet image. #Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
2
4
19
4
3K
Cyberteam008's profile picture. Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Cyber Team
 @Cyberteam008
6 mar 2024

#Fofabot Query for #SpyNote #Malware Query: title=="SpyNote Encryptor" IOCs: https://panel.spynote[.]us 109.248.59[.]212 45.130.151[.]211

Cyberteam008's tweet image. #Fofabot Query for #SpyNote #Malware Query: title=="SpyNote Encryptor" IOCs: https://panel.spynote[.]us 109.248.59[.]212 45.130.151[.]211
1
2
4
1
833
volrant136's profile picture. APT Infra Hunter | Threat Intel Researcher | CTIA | CRTO | eCTHP |
Demon
 @volrant136
27 oct

#Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21

volrant136's tweet image. #Spynote #opendir | AttackCapture An opendir is tracked by @Huntio having 5 different spynote samples. 65cd191f13353ec1cc061ccc751cbfaa d610ced310444cfbab7daa91e3f79439 68a98e82d2abdec08d7cad18a0c3eb8b 32acc69b4c703de71d7a97632c805ede 16fd63efc57a726706ba9eb5b996af21
1
1
4
1
346
Cyberteam008's profile picture. Threat Hunting | APT Tracking | Malware Analysis | Darkweb Monitoring "Unity is Strength"
Cyber Team
 @Cyberteam008
28 jun 2024

Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc

Cyberteam008's tweet image. Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc
1
9
29
9
4K
AndreaDraghetti's profile picture. aka Drego. Head of Cyber Threat Intelligence at @D3LabIT! @PhishingArmy, #meioc is my projects and @backbox_org dev! My passions are #F1 and #Running!
Andrea (Drego) Draghetti 👨🏻‍💻 🎣
 @AndreaDraghetti
3 sept 2024

Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…

AndreaDraghetti's tweet image. Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…
D3LabIT's profile picture. D3Lab Srl - A Full-Service Cyber Agency
D3Lab
 @D3LabIT
3 sept 2024

🚨 Nuova campagna di phishing bancario diffonde il #malware Android #EagleSpy! ℹ️ Questa applicazione malevola similare a #CraxsRAT e #SpyNote sottrare informazioni sensibili dallo smartphone #Android della vittima! 👉 d3lab.net/nuova-campagna… #cybersecurity #mwitaly #ioc

D3LabIT's tweet card. Una recente campagna di phishing sta diffondendo il malware Android EagleSpy, un potente RAT in grado di rubare dati sensibili attraverso false app bancarie. Analizziamo le somiglianze tecniche con...
Nuova Campagna di Phishing diffonde malware Android EagleSpy
Fuente: d3lab.net
0
4
7
1
6K
2
8
15
2
2K

Something went wrong.


Something went wrong.


United States Trends