home.social
Sign in Create account

#appleseed — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #appleseed, aggregated by home.social.

  1. OTX Bot @[email protected] ·

    Disclosing new PebbleDash-based tools

    Kaspersky researchers conducted an in-depth analysis of Kimsuky APT activity, revealing tactical shifts and new malware variants based on the PebbleDash platform. The group introduced HelloDoor, a Rust-based backdoor, httpMalice leveraging HTTP and Dropbox communications, and updated MemLoad and httpTroy variants. Kimsuky maintains persistence through legitimate tools including VSCode Tunneling with GitHub authentication and DWAgent remote management software. Initial access occurs via spear-phishing with malicious attachments disguised as documents. The group primarily targets South Korean entities across government and defense sectors, with additional PebbleDash attacks observed in Brazil and Germany. Infrastructure relies on free South Korean hosting services and tunneling services like Cloudflare Quick Tunnels and Ngrok. Both PebbleDash and AppleSeed malware clusters demonstrate ongoing development with shared distribution methods, stolen certificates, and overlapping targets, indicating single-actor c...

    Pulse ID: 6a05af0979e3cc1214a50d4e
    Pulse Link: otx.alienvault.com/pulse/6a05a
    Pulse Author: AlienVault
    Created: 2026-05-14 11:16:25

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #AppleSeed #BackDoor #Brazil #Cloud #CyberSecurity #Dropbox #Germany #GitHub #Government #HTTP #InfoSec #Kaspersky #Kimsuky #Korea #Malware #OTX #OpenThreatExchange #Phishing #RAT #Rust #SouthKorea #SpearPhishing #UK #bot #AlienVault

    #appleseed #backdoor #brazil #cloud #cybersecurity #dropbox
  2. OTX Bot @[email protected] ·

    Disclosing new PebbleDash-based tools

    Kaspersky researchers conducted an in-depth analysis of Kimsuky APT activity, revealing tactical shifts and new malware variants based on the PebbleDash platform. The group introduced HelloDoor, a Rust-based backdoor, httpMalice leveraging HTTP and Dropbox communications, and updated MemLoad and httpTroy variants. Kimsuky maintains persistence through legitimate tools including VSCode Tunneling with GitHub authentication and DWAgent remote management software. Initial access occurs via spear-phishing with malicious attachments disguised as documents. The group primarily targets South Korean entities across government and defense sectors, with additional PebbleDash attacks observed in Brazil and Germany. Infrastructure relies on free South Korean hosting services and tunneling services like Cloudflare Quick Tunnels and Ngrok. Both PebbleDash and AppleSeed malware clusters demonstrate ongoing development with shared distribution methods, stolen certificates, and overlapping targets, indicating single-actor c...

    Pulse ID: 6a05af0979e3cc1214a50d4e
    Pulse Link: otx.alienvault.com/pulse/6a05a
    Pulse Author: AlienVault
    Created: 2026-05-14 11:16:25

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #AppleSeed #BackDoor #Brazil #Cloud #CyberSecurity #Dropbox #Germany #GitHub #Government #HTTP #InfoSec #Kaspersky #Kimsuky #Korea #Malware #OTX #OpenThreatExchange #Phishing #RAT #Rust #SouthKorea #SpearPhishing #UK #bot #AlienVault

    #appleseed #backdoor #brazil #cloud #cybersecurity #dropbox
  3. OTX Bot @[email protected] ·

    Disclosing new PebbleDash-based tools

    Kaspersky researchers conducted an in-depth analysis of Kimsuky APT activity, revealing tactical shifts and new malware variants based on the PebbleDash platform. The group introduced HelloDoor, a Rust-based backdoor, httpMalice leveraging HTTP and Dropbox communications, and updated MemLoad and httpTroy variants. Kimsuky maintains persistence through legitimate tools including VSCode Tunneling with GitHub authentication and DWAgent remote management software. Initial access occurs via spear-phishing with malicious attachments disguised as documents. The group primarily targets South Korean entities across government and defense sectors, with additional PebbleDash attacks observed in Brazil and Germany. Infrastructure relies on free South Korean hosting services and tunneling services like Cloudflare Quick Tunnels and Ngrok. Both PebbleDash and AppleSeed malware clusters demonstrate ongoing development with shared distribution methods, stolen certificates, and overlapping targets, indicating single-actor c...

    Pulse ID: 6a05af0979e3cc1214a50d4e
    Pulse Link: otx.alienvault.com/pulse/6a05a
    Pulse Author: AlienVault
    Created: 2026-05-14 11:16:25

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #AppleSeed #BackDoor #Brazil #Cloud #CyberSecurity #Dropbox #Germany #GitHub #Government #HTTP #InfoSec #Kaspersky #Kimsuky #Korea #Malware #OTX #OpenThreatExchange #Phishing #RAT #Rust #SouthKorea #SpearPhishing #UK #bot #AlienVault

    #appleseed #backdoor #brazil #cloud #cybersecurity #dropbox
  4. OTX Bot @[email protected] ·

    Disclosing new PebbleDash-based tools

    Kaspersky researchers conducted an in-depth analysis of Kimsuky APT activity, revealing tactical shifts and new malware variants based on the PebbleDash platform. The group introduced HelloDoor, a Rust-based backdoor, httpMalice leveraging HTTP and Dropbox communications, and updated MemLoad and httpTroy variants. Kimsuky maintains persistence through legitimate tools including VSCode Tunneling with GitHub authentication and DWAgent remote management software. Initial access occurs via spear-phishing with malicious attachments disguised as documents. The group primarily targets South Korean entities across government and defense sectors, with additional PebbleDash attacks observed in Brazil and Germany. Infrastructure relies on free South Korean hosting services and tunneling services like Cloudflare Quick Tunnels and Ngrok. Both PebbleDash and AppleSeed malware clusters demonstrate ongoing development with shared distribution methods, stolen certificates, and overlapping targets, indicating single-actor c...

    Pulse ID: 6a05af0979e3cc1214a50d4e
    Pulse Link: otx.alienvault.com/pulse/6a05a
    Pulse Author: AlienVault
    Created: 2026-05-14 11:16:25

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #AppleSeed #BackDoor #Brazil #Cloud #CyberSecurity #Dropbox #Germany #GitHub #Government #HTTP #InfoSec #Kaspersky #Kimsuky #Korea #Malware #OTX #OpenThreatExchange #Phishing #RAT #Rust #SouthKorea #SpearPhishing #UK #bot #AlienVault

    #alienvault #bot #uk #spearphishing #southkorea #rust
  5. OTX Bot @[email protected] ·

    Disclosing new PebbleDash-based tools

    Kaspersky researchers conducted an in-depth analysis of Kimsuky APT activity, revealing tactical shifts and new malware variants based on the PebbleDash platform. The group introduced HelloDoor, a Rust-based backdoor, httpMalice leveraging HTTP and Dropbox communications, and updated MemLoad and httpTroy variants. Kimsuky maintains persistence through legitimate tools including VSCode Tunneling with GitHub authentication and DWAgent remote management software. Initial access occurs via spear-phishing with malicious attachments disguised as documents. The group primarily targets South Korean entities across government and defense sectors, with additional PebbleDash attacks observed in Brazil and Germany. Infrastructure relies on free South Korean hosting services and tunneling services like Cloudflare Quick Tunnels and Ngrok. Both PebbleDash and AppleSeed malware clusters demonstrate ongoing development with shared distribution methods, stolen certificates, and overlapping targets, indicating single-actor c...

    Pulse ID: 6a05af0979e3cc1214a50d4e
    Pulse Link: otx.alienvault.com/pulse/6a05a
    Pulse Author: AlienVault
    Created: 2026-05-14 11:16:25

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #AppleSeed #BackDoor #Brazil #Cloud #CyberSecurity #Dropbox #Germany #GitHub #Government #HTTP #InfoSec #Kaspersky #Kimsuky #Korea #Malware #OTX #OpenThreatExchange #Phishing #RAT #Rust #SouthKorea #SpearPhishing #UK #bot #AlienVault

    #appleseed #backdoor #brazil #cloud #cybersecurity #dropbox