#spynote kết quả tìm kiếm
This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.
who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.
⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
A new #SpyNote report is out! 🚨 Dive into the tactics of this Android RAT campaign, from dynamic payload decryption to new obfuscation methods. Learn how threat actors are using deceptive Google Play Store clones to target users dti.domaintools.com/spynote-malwar…
#Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
![RacWatchin8872's tweet image. #Phishing #Avast #Spynote
📌hxxps://avastsf.]com/📌
Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…)
Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…)
Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)](https://pbs.twimg.com/media/GP4H25kWYAA0Ti0.jpg)
![RacWatchin8872's tweet image. #Phishing #Avast #Spynote
📌hxxps://avastsf.]com/📌
Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…)
Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…)
Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)](https://pbs.twimg.com/media/GP4H6FkWAAEJWFG.jpg)
![RacWatchin8872's tweet image. #Phishing #Avast #Spynote
📌hxxps://avastsf.]com/📌
Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…)
Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…)
Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)](https://pbs.twimg.com/media/GP4H6FnXkAAXyOf.jpg)
🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
![1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote.
El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱
Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…](https://pbs.twimg.com/media/GU9h9RbWsAEzG37.jpg)
![1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote.
El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱
Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…](https://pbs.twimg.com/media/GU9h9RpWYAAsWQ0.jpg)
![1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote.
El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱
Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…](https://pbs.twimg.com/media/GU9h9RlX0AA__QU.jpg)
![1ZRR4H's tweet image. 🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote.
El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱
Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…](https://pbs.twimg.com/media/GU9hjpMXwAAY-Bb.png)
#Spynote campaign targeting Poland Distribution with a fake website looking like the Google Play: https://pltraf111.pages[.]dev/ hash: 71351a9013e7cfbe959d1ea78d1f7bf4bc2cb08a5716725c8434a911149099f3 C2: 45.88.79.231:7771
![alberto__segura's tweet image. #Spynote campaign targeting Poland
Distribution with a fake website looking like the Google Play: https://pltraf111.pages[.]dev/
hash: 71351a9013e7cfbe959d1ea78d1f7bf4bc2cb08a5716725c8434a911149099f3
C2: 45.88.79.231:7771](https://pbs.twimg.com/media/GnW99hFWUAAHrh1.jpg)
Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…
🚨 Nuova campagna di phishing bancario diffonde il #malware Android #EagleSpy! ℹ️ Questa applicazione malevola similare a #CraxsRAT e #SpyNote sottrare informazioni sensibili dallo smartphone #Android della vittima! 👉 d3lab.net/nuova-campagna… #cybersecurity #mwitaly #ioc
#spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
#spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
#Spynote campaign using fake VISA app Distribution: https://visasecurity[.]net/ C2: 172.86.93.104:7771 hash: 6b1179c23a7502b4dea7f9bde7dde3d4b5b97c64f634ff3471a1d3d27390f3b1 (The PC download button does nothing)
![alberto__segura's tweet image. #Spynote campaign using fake VISA app
Distribution: https://visasecurity[.]net/
C2: 172.86.93.104:7771
hash: 6b1179c23a7502b4dea7f9bde7dde3d4b5b97c64f634ff3471a1d3d27390f3b1
(The PC download button does nothing)](https://pbs.twimg.com/media/Gm9jKK-XUAAGx5X.jpg)
+ haorizi888[.]top #SpyNote
![skocherhan's tweet image. + haorizi888[.]top
#SpyNote](https://pbs.twimg.com/media/GoxD_TxWEAARm4B.png)
🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…
🎉 4 new rules added and 238 rules updated for the #SpyNote malware family. We're moving toward practical, powerful tools — thanks for your continued support! 🙏 Thanks to @zorro_wang ! 🔗 Report: reurl.cc/QaqnQZ
#Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
![prashant_92's tweet image. #Spynote
AS 20473 🇸🇬
http[:]//66.42.55.13/ready[.]apk
AS 210538 🇹🇷
https[:]//45.87.173.219/ready[.]apk
Undetected
#IOC #Android
cc @banthisguy9349 @bofheaded](https://pbs.twimg.com/media/GbAk0RnWEAAulDs.jpg)
![prashant_92's tweet image. #Spynote
AS 20473 🇸🇬
http[:]//66.42.55.13/ready[.]apk
AS 210538 🇹🇷
https[:]//45.87.173.219/ready[.]apk
Undetected
#IOC #Android
cc @banthisguy9349 @bofheaded](https://pbs.twimg.com/media/GbAk0RnXYAIpgrr.jpg)
http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
#AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…
![V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat
hxxp://31.172.83.170/apks/
[+]more info: bleepingcomputer.com/news/security/…](https://pbs.twimg.com/media/GCU0TbyWoAArnml.jpg)
![V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat
hxxp://31.172.83.170/apks/
[+]more info: bleepingcomputer.com/news/security/…](https://pbs.twimg.com/media/GCU0To5W4AAZ8L3.jpg)
![V3n0mStrike's tweet image. #AsyncRAT server distributing #SpyNote a.k.a. #CypherRat
hxxp://31.172.83.170/apks/
[+]more info: bleepingcomputer.com/news/security/…](https://pbs.twimg.com/media/GCU0T6lXsAI6V5q.jpg)
This is a type of craxs rat(#spynote) malware. Since A101 is a Turkish🇹🇷 market chain, the target is Turkish citizens.
who can help? these apks are 0 detections on VT although i am almost 100% sure they are malicious.
#spynote found ->hxxps://www.virustotal.com/gui/file/a1de866d5f75b3f31becb07f4660e2a3cc29d242888be38fadb5a54657156745 #opendir
⚠️ #SpyNote Android RAT dirigido a Chile 🇨🇱 y suplantando a Banco Estado y Banco Santander. Para infectar a sus víctimas, el atacante realiza campañas de #phishing a través de la técnica conocida como BITB (Browser In The Browser). Ref: mrd0x.com/browser-in-the… 69.197.134.103…
#Phishing #Avast #Spynote 📌hxxps://avastsf.]com/📌 Windows - Downloads Anydesk (Revoked Cert) - Anydesk.exe (virustotal.com/gui/file/ec33d…) Mac - Downloads Anydesk - anydesk.dmg (virustotal.com/gui/file/9960c…) Android - Downloads Spynote Trojan - Avastavv.apk (virustotal.com/gui/file/94a3b…)
http[:]45.138.16.250 hosting #SPYNOTE #apk #malware AS 210558( 1337 Services GmbH ) md5: 915e7b50d3cb50243c66ce069032e2cf
![raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware
AS 210558( 1337 Services GmbH )
md5: 915e7b50d3cb50243c66ce069032e2cf](https://pbs.twimg.com/media/GOUwxMdXUAA2QtL.jpg)
![raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware
AS 210558( 1337 Services GmbH )
md5: 915e7b50d3cb50243c66ce069032e2cf](https://pbs.twimg.com/media/GOUxF86W0AAIfyz.jpg)
![raghav127001's tweet image. http[:]45.138.16.250 hosting #SPYNOTE #apk #malware
AS 210558( 1337 Services GmbH )
md5: 915e7b50d3cb50243c66ce069032e2cf](https://pbs.twimg.com/media/GOUx5TZWIAEeDKY.jpg)
#AsyncRAT server distributing #SpyNote a.k.a. #CypherRat hxxp://31.172.83.170/apks/ [+]more info: bleepingcomputer.com/news/security/…
+ haorizi888[.]top #SpyNote
🚨 Newly Registered Domains Distributing SpyNote Malware The latest DomainTools Investigations (DTI) analysis reveals that deceptive websites hosted on newly registered domains are being used to deliver the potent AndroidOS SpyNote malware. dti.domaintools.com/newly-register…
#spyware #spynote Alert ‼️ Coming from AS137951 ASLINE-AS-AP They have also left a nice cat picture for @vxunderground cc: @spamhaus thanks @NDA0E for reporting them.
#spynote #spyware owner dor47 whoever wondered how Cybercriminals setup the malicious spynote apk's check Picture 2. we are sending roughly 40 samples now to @ReversingLabs
🚩 Nuevo dominio .CL registrado para distribuir el Troyano para dispositivos Android #SpyNote. El sitio web se encuentra en scotiapass[.]cl y suplanta a Scotiabank Chile 🇨🇱 Los actores de amenaza también crearon un canal de YouTube (ScotiaPass) con una guía de instalación 😏…
Per la prima volta abbiamo visto il malware Android #EagleSpy diffuso in Italia, esso risulta molto similare a ##SpyNote e CraxsRAT. Obiettivamente l'intento finale è sempre lo stesso, sottrarre informazioni bancarie. I#oC: d3lab.net/nuova-campagna…
🚨 Nuova campagna di phishing bancario diffonde il #malware Android #EagleSpy! ℹ️ Questa applicazione malevola similare a #CraxsRAT e #SpyNote sottrare informazioni sensibili dallo smartphone #Android della vittima! 👉 d3lab.net/nuova-campagna… #cybersecurity #mwitaly #ioc
http://54.253.82.23:8080/ #opendir #spyware #spynote hxxp://47.57.184.164 /ready.apk hxxp://103.148.125.8 /ready.apk hxxp://47.57.7.44 /ready.apk hxxp://103.148.125.26 /ready.apk hxxp://164.155.241.15 /ready.apk hxxp://103.142.244.32 /ready.apk
#spynote #android #encryptor panel hxxp://45.130.151.211/index.php?page=Login cc: @Gi7w0rm @500mk500 @abuse_ch @ViriBack
#Fofabot Query for #SpyNote #Malware Query: title=="SpyNote Encryptor" IOCs: https://panel.spynote[.]us 109.248.59[.]212 45.130.151[.]211
![Cyberteam008's tweet image. #Fofabot Query for #SpyNote #Malware
Query: title=="SpyNote Encryptor"
IOCs:
https://panel.spynote[.]us
109.248.59[.]212
45.130.151[.]211](https://pbs.twimg.com/media/GH_sgPCWQAAzTtQ.jpg)
⚠️Watch out fake AV websites sharing malware #Spynote (for android) /avast-securedownload.com @Avast #Lumma Stealer /bitdefender-app.com @Bitdefender #StealC (via Buer Loader?) /malwarebytes.pro @Malwarebytes samples and detonations below 👀
#Spynote AS 20473 🇸🇬 http[:]//66.42.55.13/ready[.]apk AS 210538 🇹🇷 https[:]//45.87.173.219/ready[.]apk Undetected #IOC #Android cc @banthisguy9349 @bofheaded
Pakistan's #APT36 / #TransparentTribe is Targeting Indian Govt agency Central Bureau of Investigation (CBI) to deliver #SpyNote #RAT malware. Details are explained in the attached snapshot. Infra: pastebin.com/w0F6pVa7 @500mk500 #Malware #ioc
Something went wrong.
Something went wrong.
United States Trends
- 1. #KonamiWorldSeriesSweepstakes N/A
- 2. #2025MAMAVOTE 1.44M posts
- 3. Tyla 18.1K posts
- 4. Fetterman 70K posts
- 5. No Kings 145K posts
- 6. Miguel Vick N/A
- 7. Yung Miami N/A
- 8. Deport Harry Sisson 26.6K posts
- 9. Somalia 29.9K posts
- 10. Mitch McConnell 4,621 posts
- 11. Caresha N/A
- 12. #SpiritDay 1,700 posts
- 13. GTreasury 5,571 posts
- 14. Dave Dombrowski N/A
- 15. Andrade 6,772 posts
- 16. ErgoChair X N/A
- 17. #thursdayvibes 3,953 posts
- 18. Ninja Gaiden 26.4K posts
- 19. #WorldFoodDay 37K posts
- 20. Starting 5 7,722 posts