Discover and read the best of Twitter Threads about #malware

Most recents (8)

THREAD: French company has created lots of fake domains pretending to be some very popular free software and is using these sites to distribute bundled adware and malware. /1 #malware #spoof #adware #opensource
Company name and information. /2
All domains lead to this ip: 185[.]46[.]229[.]39. First activity seen on March 30th. /3 #IoC #malware
Read 8 tweets
1) 1st #TwitterBot du jour. I have 2wonder if they can read the #INSTABLOCK [ ! ]
2) For those of U that may wonder why I go on about the #TwitterBots, here's one of the pieces of the story of this account's time & the Bot assaults.
This is what they look like. This is a #BotFarm. Take $100k worth of iPhones, add more tech & a tech orchestrator (coder) & start
3) fake accounts on each one. Add various programs as time passes & release into the #TwitterSphere.
Soon after starting this account, DM's began coming thru that had a #Youtube link. Most often there was nothing else. I won't show the link as text as it could be opened & that's
Read 13 tweets
So I've been researching stalkerware for a while now, and I always had a feeling that a lot of the companies were linked in sort of clusters. Figured I'd go ahead and show one of those clusters now, and this guy "John Nguyen", though I'm pretty sure that is his actual name.
John runs "hellospy", "mobiispy", "maxxspy", "247spy", "1topspy", "spytic" & other companies that sell targeted #malware for surveillance of partners known as "stalkerware". He is not very good at covering his tracks. How bad? He has a youtube channel. youtube.com/channel/UCdxoX…
As well as his youtube channel he had quite the presence on Google+ promoting his various products.
Read 10 tweets
IDA's remote debugger is my go-to for debugging malware so that I never have to restore my VM and lose. If you're interested in trying it, I've attached some instructions on how to set it up to debug a DLL. (1/4) #malware #reverseengineering
1. Copy the remote debugger for your platform from the "dbgsrv" directory in your IDA installation directory to the debugging target and execute. -h will show you other options for configuring a password, port number etc. (2/4)
2. On the machine running IDA, select "Remote Windows Debugger" from the debugger dropdown.
3. Select Debugger -> Process Options from the menu, and fill in the parameters. Below I've included a sample configuration.
4. Select OK, and start the debugger like normal. (3/4)
Read 4 tweets
Just found an unlisted Pastebin shared by @James_inthe_box listing 124 #lokibot URLs. Pastebin.com/SyeXWqQE #osint
If you want to learn more about LokiBot, check out this write up. threatfabric.com/blogs/lokibot_… #malware
If you want to learn more about my method of finding unlisted Pastebin pages, read here. jakecreps.com/2018/10/10/osi… #osint
Read 3 tweets
I’m analysing #KevDroid samples, the new #Android #malware discovered several days ago by #ESTSecurity
blog.alyac.co.kr/1587
The samples are available on @koodous_project and @virusbay_io
28c69801929f0472cef346880a295cdf4956023cd3d72a1b6e72238f5b033aca
679d6ad1dd6d1078300e24cf5dbd17efea1141b0a619ff08b6cc8ff94cfbb27e
990d278761f87274a427b348f09475f5da4f924aa80023bf8d2320d981fb3209
Read 13 tweets
ICYMI: Test Your #VPN's Anti #Phishing Protection .@planetscape .@ALT_uscis .@COPicard2017 .@IndivisibleNet #InfoSec
When #Ransomware 1st Appeared, .@FoolishIT Issued #CryptoPrevent - Is Free, Now Updated. Recommended! foolishit.com/cryptoprevent-… #InfoSec
Read 13 tweets
