#fakermm — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #fakermm, aggregated by home.social.

  1. Proofpoint recently identified a fake RMM (Remote Monitoring and Management Tool) called #TrustConnect and #DocConnect 🔎💻 Pivoting the threat in our collection reveals that the threat actors spread the same malware under additional names, including:

    ➡️SoftConnect
    ➡️HardConnect
    ➡️AxisControl

    It also seems that the threat actor was previously playing around with the legitimate RMM #ScreenConnect (aka ConnectWise) before switching to their own fake RMM 🛠️

    What also stands out: the majority of the botnet C2s were hosted at Contabo GmbH 🇩🇪

    We track the threat on our platforms as #FakeRMM ⤵️

    IOCs on ThreatFox:
    🦊 threatfox.abuse.ch/browse/tag/

    Malware samples:
    📄 bazaar.abuse.ch/browse/tag/Fak