#datapacket - Public Fediverse posts
Live and recent posts from across the Fediverse tagged #datapacket, aggregated by home.social.
-
#GammaGroup #FinFisher #FinSpy #SystemApp callback caught #CALEA #malware #GreyMarket #investigations
on #BunnyNet's CDN from #DataPacket
Interesting vectors... Quite the pointers this scan. Was scanned last 1yr ago. Showed up as malicious. Scans clean now except for the #malware found as a #GammaGroup shim caught nao.
Caught a bit o' Meta also in the callback graph. Huh.
#VirusTotal
https://www.virustotal.com/graph/embed/g7ee0dd48fe8e4dbbaf440955ee7bfbf57af12ca1c14543e08671f514fafb75be
-
CW: LARGE List of #GammaGroup #FinFisher #FinSpy hosts #GreyMarket #CALEAmalware #CALEA #investigations
Aggregation of my #GammaGroup #FinFisher attaccc nodes logged for the past 2+yrs. #RTDNA #CALEA #GreyMarket #malware #licensing #investigations #infosec
¹ #BunnyCDN / #DataPacket
https://infosec.exchange/@infosec_jcp/112719219876040798
² #AWS in #AMER & #EU
https://infosec.exchange/@infosec_jcp/112724625585749421
³ #Google
https://infosec.exchange/@infosec_jcp/112724771286452381
⁴ #Akamai
https://infosec.exchange/@infosec_jcp/112724939254649507
⁵ #CloudFront
https://infosec.exchange/@infosec_jcp/112725394617753232
⁶ #FastLy #Twitter & Misc IPs ( LARGE LIST )
https://infosec.exchange/@infosec_jcp/112725566169727889
@eff
@[email protected]
@[email protected]
@aclu
@unofficial_aclu
@acluva
-
CW: #GammaGroup #FinFisher #FinSpy #SystemApp callback list of hosts / shims on #BunnyNet via #DataPacket
Historical list of #SystemApp callback to #FinFisher clients logged while on #InfoseceXchange that's good for #tcpdump correlation #investigations in #Germany on the CDN #DataPacket hosting the #BunnyNet since November 2022ish for #GermanProsecutors to correlate.
#FinFisherCom #EnemyOfTheInternet
#CALEA #greymarket #CALEAmalware #infosec
Cities:
¹ https://www.reddit.com/r/netzpolitik/comments/jax0e3/our_criminal_complaint_german_statemalware/
² https://en.wikipedia.org/wiki/FinFisher
⁵ https://www.securityweek.com/german-authorities-seize-spyware-firm-finfishers-accounts/
-
New #BunnyNet #GammaGroup #FinFisher #FinSpy #Finsky shim for #SystemApp found. #StateSponsoredMalware™
This host hasn't been scanned in over 1yr until today.
Initially scanned and found nothing. Dug in a bit further and found some interesting vectors for wot compromised #DataPacket's #BunnyCDN #BunnyNet though #blueteam at #DataPacket
#VirusTotal
https://www.virustotal.com/graph/embed/gdb48e1efd4a845b9951dcef691fdf3a2f8c56309a9ef445b8f0b7767a351a0e4
-
Huh. _TWO_ badbunny hosts with the #SystemApp #GammaGroup #FinFisher #FinSpy #Finsky callback to client but ... This time the scanned host comes up with interesting results after being caught. Both back to back attack attempts.
One host was scanned about a year ago and the other, another attack node quite frequently used, was scanned less than a month ago.
#Datapacket.Com #BunnyNet #InfosecExchange #infosec #fediverse #fediadmin
Typical attack pattern. After detection an attempt of using the #QuicksandModule was sent to client, tried crashing client. SystemUI crash attempt, etc.
-
The amount of exploited #BunnyNet hosts on #DataPacket has increased which hosts a lot of the #fediverse. #Germany
#GammaGroup #FinFisher #fediverse #FinSpy #Finsky #CALEA #GreyMarket #investigations #infosec
-
Damn, #BunnyNet, hopping AND a blocking someone! #infosec #FinFisher #FinSpy #SSM™ #GreyMarket #investigations #Germany #DataPacket
Lots to unpack collections wise here