#cryptocti — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cryptocti, aggregated by home.social.
-
Salat Malware Uses Multiple Persistent Methods With Stealthy C2 Server
A new Windows malware family named Salat Stealer has been discovered. It acts as a legitimate system process, including explorer.exe, svchost.exe or lsass.exe. It supports exfiltrating sensitive user data and critical credentials via an HTTP/3-based command and control server.
Pulse ID: 69fbf302ea01bd20e28b040a
Pulse Link: https://otx.alienvault.com/pulse/69fbf302ea01bd20e28b040a
Pulse Author: cryptocti
Created: 2026-05-07 02:03:46
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #HTTP #InfoSec #Malware #OTX #OpenThreatExchange #RAT #Windows #bot #cryptocti
-
APT37 Targets Android Devices with BirdCall Malware
Pulse ID: 69fba09cc8c1a2797734624e
Pulse Link: https://otx.alienvault.com/pulse/69fba09cc8c1a2797734624e
Pulse Author: cryptocti
Created: 2026-05-06 20:12:12
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APT37 #Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #bot #cryptocti
-
CloudZ RAT Uses Pheno Plugin to Hijack SMS and OTPs
Pulse ID: 69fb6028957faa5ed109be66
Pulse Link: https://otx.alienvault.com/pulse/69fb6028957faa5ed109be66
Pulse Author: cryptocti
Created: 2026-05-06 15:37:12
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cloud #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #SMS #bot #cryptocti
-
Hackers Actively Exploit a RCE Vulnerability in Weaver E-Cology
Pulse ID: 69fb5d03291405d941fbfd8d
Pulse Link: https://otx.alienvault.com/pulse/69fb5d03291405d941fbfd8d
Pulse Author: cryptocti
Created: 2026-05-06 15:23:47
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #OTX #OpenThreatExchange #RCE #Vulnerability #bot #cryptocti
-
DDoS Malware Exploiting Jenkins Servers to Attack Valve Source Gaming Infrastructure
A newly discovered DDoS botnet campaign abuses exposed Jenkins servers with weak authentication to deliver Windows and Linux payloads. The malware turns compromised hosts into bots and targets Valve Source Engine game servers using UDP floods, TCP push attacks, HTTP floods and query-based amplification attacks.
Pulse ID: 69f735ac2403f4a4cb9ca4c3
Pulse Link: https://otx.alienvault.com/pulse/69f735ac2403f4a4cb9ca4c3
Pulse Author: cryptocti
Created: 2026-05-03 11:46:52
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #DDoS #DoS #HTTP #InfoSec #Linux #Malware #OTX #OpenThreatExchange #RCE #TCP #UDP #Windows #bot #botnet #cryptocti
-
MiningDropper Android Malware Framework Spreads Infostealers, RATs and Banking Malware
MiningDropper is an Android malware delivery framework used to mine cryptocurrency and to distribute infostealers, Remote Access Trojans and banking malware.
Pulse ID: 69f10f6fb0cd7c248d2f4267
Pulse Link: https://otx.alienvault.com/pulse/69f10f6fb0cd7c248d2f4267
Pulse Author: cryptocti
Created: 2026-04-28 19:50:07
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #Bank #CyberSecurity #InfoSec #InfoStealer #Malware #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #Trojan #bot #cryptocurrency #cryptocti
-
GlassWorm Malware Targets OpenVSX Extensions
GlassWorm malware has re-emerged, targeting the OpenVSX ecosystem using 73 deceptive “sleeper” extensions that appear harmless and legitimate but, when installed, fetch and install malware through updates. The malware is capable of harvesting sensitive credential data, cryptocurrency wallets, and access tokens, resulting in a full system compromise.
Pulse ID: 69f0fc82111cbf67484f0be4
Pulse Link: https://otx.alienvault.com/pulse/69f0fc82111cbf67484f0be4
Pulse Author: cryptocti
Created: 2026-04-28 18:29:22
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #Worm #bot #cryptocurrency #cryptocti
-
MiningDropper Android Malware Framework Spreads Infostealers, RATs and Banking Malware
Pulse ID: 69efe9be79a111a361b58652
Pulse Link: https://otx.alienvault.com/pulse/69efe9be79a111a361b58652
Pulse Author: cryptocti
Created: 2026-04-27 22:57:02
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #Bank #CyberSecurity #InfoSec #InfoStealer #Malware #OTX #OpenThreatExchange #RAT #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFix Attack
Lazarus Group uses ClickFix to trick macOS users into visiting fake meeting pages and executing malicious commands.
Pulse ID: 69ec9743b876273d04a7efb0
Pulse Link: https://otx.alienvault.com/pulse/69ec9743b876273d04a7efb0
Pulse Author: cryptocti
Created: 2026-04-25 10:28:19
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
Lazarus Group Targets macOS Users via ClickFix Attack
Lazarus Group uses ClickFix to trick macOS users into visiting fake meeting pages and executing malicious commands.
Pulse ID: 69ec976bddee2a8bbe864445
Pulse Link: https://otx.alienvault.com/pulse/69ec976bddee2a8bbe864445
Pulse Author: cryptocti
Created: 2026-04-25 10:28:59
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Lazarus #Mac #MacOS #OTX #OpenThreatExchange #bot #cryptocti
-
CanisterWorm Supply Chain Attack via Compromised Accounts and Malicious Package Updates
Pulse ID: 69ea7b8285a87fe7317d5d09
Pulse Link: https://otx.alienvault.com/pulse/69ea7b8285a87fe7317d5d09
Pulse Author: cryptocti
Created: 2026-04-23 20:05:22
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #OTX #OpenThreatExchange #SupplyChain #Worm #bot #cryptocti
-
Mirai Campaign Exploits Command Injection Vulnerability in D-Link Routers
Attackers are exploiting a command injection vulnerability in end-of-life D-Link routers to deploy Mirai malware and expand botnet operations.
Pulse ID: 69e95e18e14e580690a095ac
Pulse Link: https://otx.alienvault.com/pulse/69e95e18e14e580690a095ac
Pulse Author: cryptocti
Created: 2026-04-22 23:47:36
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Malware #Mirai #OTX #OpenThreatExchange #RAT #Vulnerability #bot #botnet #cryptocti
-
SEO Poisoning Attack Abuses Microsoft Signed Binary for RMM Tool Installation
An SEO poisoning campaign has been discovered impersonating a legitimate open source data recovery tool named TestDisk. It silently installs the ScreenConnect remote monitoring and management client to gain command execution, file transfer and lateral movement in the network.
Pulse ID: 69e4d8e980b032626e88ccd8
Pulse Link: https://otx.alienvault.com/pulse/69e4d8e980b032626e88ccd8
Pulse Author: cryptocti
Created: 2026-04-19 13:30:17
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Microsoft #OTX #OpenThreatExchange #RCE #SEOPoisoning #ScreenConnect #bot #cryptocti
-
JanelaRAT an Advanced Banking Trojan Targeting Financial Users
JanelaRAT is an evolving Remote Access Trojan targeting financial users in Latin America using multi-stage infection chains, phishing and DLL sideloading to steal banking and cryptocurrency data while employing evasion, persistence and interactive techniques to bypass security controls.
Pulse ID: 69e48460c771926e0e7231bc
Pulse Link: https://otx.alienvault.com/pulse/69e48460c771926e0e7231bc
Pulse Author: cryptocti
Created: 2026-04-19 07:29:36
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #BankingTrojan #CyberSecurity #InfoSec #LatinAmerica #OTX #OpenThreatExchange #Phishing #RAT #RemoteAccessTrojan #SideLoading #Trojan #bot #cryptocurrency #cryptocti
-
Mirax RAT Targeting Android via Meta Platforms
Mirax is an Android RAT and banking malware sold via a restricted MaaS model.
Pulse ID: 69e14ecdb23562115a20a74f
Pulse Link: https://otx.alienvault.com/pulse/69e14ecdb23562115a20a74f
Pulse Author: cryptocti
Created: 2026-04-16 21:04:13
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #Bank #CyberSecurity #InfoSec #MaaS #Malware #OTX #OpenThreatExchange #RAT #bot #cryptocti
-
Fake Adobe Reader Installer Distributes ScreenConnect via Stealthy In-Memory Loader
Pulse ID: 69e1417ff1733e4e30958f60
Pulse Link: https://otx.alienvault.com/pulse/69e1417ff1733e4e30958f60
Pulse Author: cryptocti
Created: 2026-04-16 20:07:27
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Adobe #AdobeReader #CyberSecurity #InfoSec #OTX #OpenThreatExchange #ScreenConnect #bot #cryptocti
-
Ransomware Actors Broaden Use of EDR Disabling Techniques Beyond Vulnerable Drivers
EDR killers are widely used in ransomware intrusions to turn off security software before attacks, using methods like BYOVD (Bring Your Own Vulnerable Driver), driverless tools, scripts and anti-rootkit utilities.
Pulse ID: 69e1166fa36722489928aa73
Pulse Link: https://otx.alienvault.com/pulse/69e1166fa36722489928aa73
Pulse Author: cryptocti
Created: 2026-04-16 17:03:43
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #EDR #InfoSec #OTX #OpenThreatExchange #RansomWare #Rootkit #bot #cryptocti
-
MacOS Users Targeted with Malicious Ads
Pulse ID: 660814c075108fd8cce84e36
Pulse Link: https://otx.alienvault.com/pulse/660814c075108fd8cce84e36
Pulse Author: cryptocti
Created: 2024-03-30 13:33:52
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Mac #MacOS #MaliciousAds #OTX #OpenThreatExchange #bot #cryptocti