Anurag @Malwarehunterr X Profile

Anurag

@Malwarehunterr

Followers

419

Following

2K

Media

124

Statuses

697

Threat hunting | Malware Analysis | These views are my own and not my employers. https://t.co/cERmryTU76

https://t.co/ATQOh6zbvP

Joined February 2019

Don't wanna be here? Send us removal request.

Anurag

@Malwarehunterr

12 days

🚨 Ongoing phishing campaign abusing Google Cloud Storage as a redirector. Pages hosted on storage[.]googleapis[.]com are redirecting users to multiple scam themes hosted mainly on .autos domains, including: - Walmart survey scams - Dell laptop giveaways - Netflix reward

1

3

Anurag

@Malwarehunterr

1 day

A fake Apple Store login site is using this Discord webhook to steal credentials the-apple-store-iphonedeals/.pages/.dev/ discord/.com/api/webhooks/1390851626503376987/IX1A4AOqcN_oz_KzHoUZMm_ii33Oz4aJVoqGMrzsmTS- #Phishing #CyberSecurity #Discord #Apple @500mk500

1

0

Mikhail Kasimov

@500mk500

2 days

@Malwarehunterr @skocherhan @_SEAL_Org All good

0

1

3

Anurag

@Malwarehunterr

2 days

More URLs tomtom-amigo-update/.pages/.dev tomtom-sat-nav-r4m/.pages/.dev tomtom-sat-nav/.pages/.dev tomtom-motorcycle-gps-update/.pages/.dev navisolve/.com @500mk500 @skocherhan @_SEAL_Org #Phishing #CyberSecurity #ScamAlert

Anurag

@Malwarehunterr

3 days

tomtom-gps-updates/.pages/.dev tomtom-sat-nav-update/.pages/.dev tomtom-rider-550-update/.pages/.dev tomtomupdate/.pages/.dev tomtom-tracker/.pages/.dev tomtom-gps-tracker/.pages/.dev tomtomupdate/.pages/.dev tomtom-navigation-1yr/.pages/.dev tomtom-go-classic-5/pages/.dev

1

0

3

Anurag

@Malwarehunterr

2 days

Crypto scam/Phish Alert A cluster of malicious domains using identical templates to target users across Europe (FR, DE, SE, PL, DK). The sites including Amrix Switch and Bitcoin Storm are designed to harvest credentials and PII. financecryptoworld/.com trackfinanceworld/.com

0

2

Anurag

@Malwarehunterr

3 days

🚨 Phishing Alert A fleet of identical "Crypto Casino" sites is active, using rotating domains and a mirrored UI template to lure users. nozewin197/.pro rasewin/.gl norewin/.cc casewin/.to vazebe/t.gl wincase152/.cc vyroget152/.to many domains already down. #CyberSecurity

2

1

2

Anurag

@Malwarehunterr

3 days

⚠️ Suspicious Activity Alert These crypto related domains and subdomains appear to use identical templates. None are currently flagged as phishing, but they look highly suspicious and are worth monitoring. coinspot.winsoft-client/.com/download solana.mining-tool/.com/download

0

1

2

Mikhail Kasimov

@500mk500

3 days

@Malwarehunterr All good

0

1

Anurag

@Malwarehunterr

3 days

tomtom-gps-updates/.pages/.dev tomtom-sat-nav-update/.pages/.dev tomtom-rider-550-update/.pages/.dev tomtomupdate/.pages/.dev tomtom-tracker/.pages/.dev tomtom-gps-tracker/.pages/.dev tomtomupdate/.pages/.dev tomtom-navigation-1yr/.pages/.dev tomtom-go-classic-5/pages/.dev

Anurag

@Malwarehunterr

3 days

Few more urls i-downloadsoftwares/.com/.navisolve/.com/ uchatsupport/.live gpsupdate/.support allgpsupdates/.com @500mk500 @_SEAL_Org #Phishing #CyberSecurity #ScamAlert

1

3

Mikhail Kasimov

@500mk500

3 days

@Malwarehunterr @_SEAL_Org Included with related ones

0

1

Anurag

@Malwarehunterr

3 days

Few more urls i-downloadsoftwares/.com/.navisolve/.com/ uchatsupport/.live gpsupdate/.support allgpsupdates/.com @500mk500 @_SEAL_Org #Phishing #CyberSecurity #ScamAlert

Demon

@volrant136

3 days

@Malwarehunterr + i-downloadsoftwares[.]com Exfiltration to: https://formsubmit[.]co/resolutionaccurate@gmail[.]com Might be Victims: United States India Canada United Kingdom Australia Germany France UAE

1

2

4

Demon

@volrant136

3 days

@Malwarehunterr + i-downloadsoftwares[.]com Exfiltration to: https://formsubmit[.]co/resolutionaccurate@gmail[.]com Might be Victims: United States India Canada United Kingdom Australia Germany France UAE

0

1

2

Mikhail Kasimov

@500mk500

3 days

@Malwarehunterr UPD: Related infra --> https://t.co/YPJgPa3Tkq

0

1

Anurag

@Malwarehunterr

3 days

avast-support/.pages/.dev #Phishing #CyberSecurity #ScamAlert #Avast

Anurag

@Malwarehunterr

3 days

⚠️ Phishing Alert Multiple suspicious domains impersonating #Avast (not fully confirmed, but highly suspicious) avast-customer-service/.pages/.dev aclogportal/.com/avast-login myuserlogin/.net supportby/.chat getchatsupport/.live Fake support pages and chat prompts, likely

0

2

Anurag

@Malwarehunterr

3 days

⚠️ Phishing Alert Multiple suspicious domains impersonating #Avast (not fully confirmed, but highly suspicious) avast-customer-service/.pages/.dev aclogportal/.com/avast-login myuserlogin/.net supportby/.chat getchatsupport/.live Fake support pages and chat prompts, likely

3

2

8

Anurag

@Malwarehunterr

3 days

new-year/.bigsaleoffer/.shop/MxrLn/OFFER/meesho/ #Phishing #CyberCrime #Meesho #Infosec #UPIFraud

Anurag

@Malwarehunterr

3 days

Similar site: new.megasaleoffers/.shop/Triyo24Jan/OFFER/meesho-tshirt/ #Phishing #CyberCrime #Meesho #Infosec #UPIFraud @500mk500 @skocherhan @AmberMille78556 @Phish_Destroy

0

1

2

Anurag

@Malwarehunterr

3 days

Similar site: new.megasaleoffers/.shop/Triyo24Jan/OFFER/meesho-tshirt/ #Phishing #CyberCrime #Meesho #Infosec #UPIFraud @500mk500 @skocherhan @AmberMille78556 @Phish_Destroy

Anurag

@Malwarehunterr

4 days

🚨 Fake Meesho site alert! domain: dhamaka-offer/.live/Scout/OFFER/meesho99 They request UPI payment to an individual rather than the company. similar suspicious domains: www.dhamaka-offer/.live bigg.live-sale-on/.com www.mast-deal/.shop #Phishing #CyberCrime #Meesho

1

0

5

CyberDost I4C

@Cyberdost

4 days

India Steps Up Its Fight Against Cybercrime Cyber law enforcement agencies across the country continue to crack down on organised fraud networks. Watch weekly Cyber Samachar: https://t.co/eCx4rartNV #CyberCrimeNews #OnlineFraud #CyberSecurity #IndiaFightsFraud #StaySafeOnline

7

22

38

Anurag

@Malwarehunterr

4 days

⚠️ Phishing Alert – Device Code Phishing URL: sharepoint-marubeni/.pages/.dev Redirects to: sharepoint-marubeni/.pages/.dev auth/.duemineral/.uk/l/q5-nz28VeNc #Phishing #CyberSecurity #ThreatIntelligence #Infosec #DeviceCodePhishing #Microsoft @500mk500 @skocherhan

0

1

4

Anurag

@Malwarehunterr

4 days

🚨 Fake Meesho site alert! domain: dhamaka-offer/.live/Scout/OFFER/meesho99 They request UPI payment to an individual rather than the company. similar suspicious domains: www.dhamaka-offer/.live bigg.live-sale-on/.com www.mast-deal/.shop #Phishing #CyberCrime #Meesho

0

3

8

ܛܔܔܔܛܔܛܔܛ

@skocherhan

5 days

#Phishing 1alf[.]proxette[.]cc/payouts/ 1aln[.]lofesdes[.]cc/payouts/ 1are[.]proxette[.]cc/payouts/ 1art[.]lofesdes[.]cc/payouts/ 1asw[.]lofesdes[.]cc/payouts/ 1ayg[.]lofesdes[.]cc/payouts/ 1bam[.]proxofive[.]cc/payouts/ 1baz[.]bunensio[.]cc/payouts/

0

3

4