secsolution<p>ESET APT Report: gli attacchi informatici russi in Ucraina si intensificano: Nel suo ultimo report, dal titolo "APT Activity Report", vengono analizzate le attivita’ di alcuni gruppi APT documentate dai ricercatori di ESET tra ottobre 2024 e...<br><a href="https://mastodon.social/tags/ESET" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESET</span></a> <a href="https://mastodon.social/tags/ESETAPTReport" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESETAPTReport</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/DeceptiveDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeceptiveDevelopment</span></a> <a href="https://mastodon.social/tags/infrastrutturecritiche" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infrastrutturecritiche</span></a> <a href="http://dlvr.it/TL6LHM" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">http://</span><span class="">dlvr.it/TL6LHM</span><span class="invisible"></span></a></p>
techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome
Administered by:
Server stats:
4.6Kactive users
techhub.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.2
#deceptivedevelopment
0 posts · 0 participants · 0 posts today
lazarusholic<p>"ESET APT Activity Report Q4 2024–Q1 2025" published by ESET. <a href="https://infosec.exchange/tags/Bybit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bybit</span></a>, <a href="https://infosec.exchange/tags/DeceptiveDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeceptiveDevelopment</span></a>, <a href="https://infosec.exchange/tags/Kimsuky" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kimsuky</span></a>, <a href="https://infosec.exchange/tags/Konni" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Konni</span></a>, <a href="https://infosec.exchange/tags/Trend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Trend</span></a>, <a href="https://infosec.exchange/tags/DPRK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DPRK</span></a>, <a href="https://infosec.exchange/tags/CTI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTI</span></a> <a href="https://www.welivesecurity.com/en/eset-research/eset-apt-activity-report-q4-2024-q1-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">welivesecurity.com/en/eset-res</span><span class="invisible">earch/eset-apt-activity-report-q4-2024-q1-2025/</span></a></p>
Pyrzout :vm:<p>Freelance Software Developers in North Korean Malware Crosshairs – Source: www.securityweek.com <a href="https://ciso2ciso.com/freelance-software-developers-in-north-korean-malware-crosshairs-source-www-securityweek-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/freelance-softwa</span><span class="invisible">re-developers-in-north-korean-malware-crosshairs-source-www-securityweek-com/</span></a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rssfeedpostgeneratorecho</span></a> <a href="https://social.skynetcloud.site/tags/DeceptiveDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeceptiveDevelopment</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a>&Threats <a href="https://social.skynetcloud.site/tags/securityweekcom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityweekcom</span></a> <a href="https://social.skynetcloud.site/tags/fakeITworkers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fakeITworkers</span></a> <a href="https://social.skynetcloud.site/tags/securityweek" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityweek</span></a> <a href="https://social.skynetcloud.site/tags/NationState" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NationState</span></a> <a href="https://social.skynetcloud.site/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NorthKorea</span></a> <a href="https://social.skynetcloud.site/tags/LinkedIn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LinkedIn</span></a> <a href="https://social.skynetcloud.site/tags/AnyDesk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AnyDesk</span></a> <a href="https://social.skynetcloud.site/tags/eset" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eset</span></a></p>
Pyrzout :vm:<p>Freelance Software Developers in North Korean Malware Crosshairs <a href="https://www.securityweek.com/freelance-software-developers-in-north-korean-malware-crosshairs/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/freelance-sof</span><span class="invisible">tware-developers-in-north-korean-malware-crosshairs/</span></a> <a href="https://social.skynetcloud.site/tags/DeceptiveDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeceptiveDevelopment</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a>&Threats <a href="https://social.skynetcloud.site/tags/fakeITworkers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fakeITworkers</span></a> <a href="https://social.skynetcloud.site/tags/NationState" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NationState</span></a> <a href="https://social.skynetcloud.site/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NorthKorea</span></a> <a href="https://social.skynetcloud.site/tags/LinkedIn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LinkedIn</span></a> <a href="https://social.skynetcloud.site/tags/AnyDesk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AnyDesk</span></a> <a href="https://social.skynetcloud.site/tags/ESET" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESET</span></a></p>
Pyrzout :vm:<p>Freelance Software Developers in North Korean Malware Crosshairs <a href="https://www.securityweek.com/freelance-software-developers-in-north-korean-malware-crosshairs/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">securityweek.com/freelance-sof</span><span class="invisible">tware-developers-in-north-korean-malware-crosshairs/</span></a> <a href="https://social.skynetcloud.site/tags/DeceptiveDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeceptiveDevelopment</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a>&Threats <a href="https://social.skynetcloud.site/tags/fakeITworkers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fakeITworkers</span></a> <a href="https://social.skynetcloud.site/tags/NationState" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NationState</span></a> <a href="https://social.skynetcloud.site/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NorthKorea</span></a> <a href="https://social.skynetcloud.site/tags/LinkedIn" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LinkedIn</span></a> <a href="https://social.skynetcloud.site/tags/AnyDesk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AnyDesk</span></a> <a href="https://social.skynetcloud.site/tags/ESET" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESET</span></a></p>
lazarusholic<p>"DeceptiveDevelopment targets freelance developers" published by ESET. <a href="https://infosec.exchange/tags/BeaverTail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BeaverTail</span></a>, <a href="https://infosec.exchange/tags/DeceptiveDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeceptiveDevelopment</span></a>, <a href="https://infosec.exchange/tags/InvisibleFerret" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InvisibleFerret</span></a>, <a href="https://infosec.exchange/tags/DPRK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DPRK</span></a>, <a href="https://infosec.exchange/tags/CTI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTI</span></a> <a href="https://www.welivesecurity.com/en/eset-research/deceptivedevelopment-targets-freelance-developers/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">welivesecurity.com/en/eset-res</span><span class="invisible">earch/deceptivedevelopment-targets-freelance-developers/</span></a></p>
ESET Research<p><a href="https://infosec.exchange/tags/ESETresearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ESETresearch</span></a> analyzed a campaign by <a href="https://infosec.exchange/tags/DeceptiveDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeceptiveDevelopment</span></a> targeting developers with trojanized coding tests. Posing as recruiters, the operators approach their targets on job-hunting platforms, aiming to steal their cryptocurrency wallets and more.</p><p><a href="https://www.welivesecurity.com/en/eset-research/deceptivedevelopment-targets-freelance-developers/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">welivesecurity.com/en/eset-res</span><span class="invisible">earch/deceptivedevelopment-targets-freelance-developers/</span></a></p><p>DeceptiveDevelopment is a 🇰🇵-aligned activity cluster. The attackers target software developers on 🪟 Windows, 🐧Linux, and 🍎 macOS, regardless of geographical location, in order to maximize profits. </p><p>The campaign primarily uses two malware families – the first, 🦫 BeaverTail, acts as a simple login stealer, extracting browser databases containing saved logins, and is a downloader for the second stage, InvisibleFerret.</p><p>InvisibleFerret is modular 🐍 Python-based malware that includes spyware and backdoor components, and is also capable of downloading the legitimate AnyDesk remote management and monitoring software for post-compromise activities.</p><p>While DeceptiveDevelopment’s toolset has already been analyzed by <a href="https://x.com/Unit42_Intel" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">x.com/Unit42_Intel</span><span class="invisible"></span></a> and <a href="https://x.com/GroupIB_TI" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">x.com/GroupIB_TI</span><span class="invisible"></span></a>, our analysis contains details that have not been publicly reported before.</p><p>You can find the IoCs in our GitHub repo: <br><a href="https://github.com/eset/malware-ioc/tree/master/deceptivedevelopment" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/eset/malware-ioc/tr</span><span class="invisible">ee/master/deceptivedevelopment</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload