Over the 10k #malware C2 panels on https://t.co/NCtVSQlP6n

IOC: verify-captcha[.]sbs 83.217.209[.]224 www.msk-captcha[.]cfd Port: 3000 #malware #UniHex #RAT Title: UNIHEX C2 // ROOT

#Stealc #Malware 🚨58 IP's with Low Hits on VT related to Stealc🚨 https://t.co/6RLEQDqKdz CC: @banthisguy9349 @NDA0E @BlinkzSec @kddx0178318 @raghav127001 @DaveLikesMalwre @g0njxa @ViriBack @500mk500 @ge0lev @marsomx_ @JAMESWT_MHT @DonPasci

pdb path for the win on this #stealerium run: https://t.co/NGoyQ3pgbU

Bear Stealer 94[.156.114.203:5000 9222dc6f7effcd68d7fbd81e979a38ba8ce16bd1b780d107cdf9b073fb298fb1 @500mk500

🧪 New "123 | Stealer" Offered in Underground Forums The threat actor #koneko is offering a credential stealer for US$120 per month, as advertised on a cybercrime forum. 🔍 Alleged features: – Written in C++ – Steals: browser data, cookies, passwords, crypto wallets, process

Santa Stealer promoted on TG 31[.57.38.244 stealer[.su/login Lot of exe communicating to the IP @500mk500

123 Stealer 91[.215.85.42:3003 Edits: https://t.co/FrQqvT2tUA https://t.co/7aX5HKTIFu

MioLab MacOS Stealer being promoted on forum. Found some panels miov2iaiaoubqosiqoiajwowiwjso[.online 196[.251.107.97 on port 80 and 3000 mioisiskwowiwjowuwjwolab[.club @500mk500

CertCentral is now TheCertGraveyard[.]org & CertGraveyard[.]org. The CertCentral API returns an error directing to use the new domains. Please give me a like or a share to get the word out. Also use the site to report and investigate certificates used to sign malware. :)

Browser Stealer Login http[://185.126.67.34[:8000/ @500mk500 @ViriBack

zenRAT active on 185[.158.251.148[:4000 Being promoted on TG and \\ #RAT

Currently seeing a surge on #CastleLoader malware being delivered through fake websites impersonating software used in enterprise environments such as Zabbix or RVTools (see photo 1 & 2). IOCS below 👾🔎 Please note that this campaign uses the same exact template lures of

Lenders can more easily work with state and local agencies to find grants and programs that may help borrowers afford a home thanks to our streamlined resources. Learn how.

If you want to understand attacker actions on target without being the target yourself, check out DeceptionPro. DeceptionPro creates an enterprise network for you to detonate malware payloads. Check out my blogpost in the thread to learn more about how it works. 🔗👇

Cyber Stealer jerk hiding behind se* shop (LLCPPC you need to do something again 🤣) dorklife[.vip cyberv2[.live https[://176[.65.141.143 fofa icon_hash="-516595605" @500mk500

New Active Panel 31[.58.169.29[:1133/login 151[.243.254.56[:1133/login

Low detection Latrodecus Signed "Ballbusters Oy" 😳 C2: gansroroyfgdst[.]com/work/, triosdoryumkas[.]com/work/ 49c20938fbd31a92a359147b539de76d59be71abf7560801ecc497ca9c8ae809 AnyRun: https://app.any[.]run/tasks/3becb418-0a63-48c5-b54d-adcea0450e45

🛡️Lazarus Stealer IP : 193.151.108.39 AS 207957( Serv .host Group Ltd ) Low detection on @virustotal more Lazarus servers detected by #C2Watcher on https://t.co/od5mNFcggD

#CYBERSTEALER #panel http[://195.177.94[.232/webpanel/panel/login.php https[://arbitrationengine[.com/webpanel/panel/login.php @500mk500 @ViriBack #Stealer #WEBPANEL #THREATINTEL

🕵️‍♂️ SpY-Agent v1.2 IP : 178.16.54[.]226:80 AS 209800( metaspinner net GmbH ) Undetected on @virustotal more Spy-Agent v1.2 servers detected by #C2Watcher on https://t.co/eSMKnpwhzM

Trade more with less with E-mini S&P 500 futures. With only 5-10% margin required, futures offers more margin savings compared with top S&P 500 ETFs.

🟢 Zerotrace IP : 185.174.135[.]177:8080 AS 59711( HZ Hosting Ltd ) Undetected on @virustotal more Zerotrace servers detected by #C2Watcher on https://t.co/CamTjDYMxD