home.social

#fakeupdates — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #fakeupdates, aggregated by home.social.

  1. Watch out as new research shows SocGholish Malware as Service (MaaS) is exploiting compromised websites and fake software updates to push ransomware and infostealers worldwide.

    Read: hackread.com/socgholish-malwar

    #SocGholish #Malware #FakeUpdates #Ransomware #InfoStealer

  2. Watch out as new research shows SocGholish Malware as Service (MaaS) is exploiting compromised websites and fake software updates to push ransomware and infostealers worldwide.

    Read: hackread.com/socgholish-malwar

  3. Watch out as new research shows SocGholish Malware as Service (MaaS) is exploiting compromised websites and fake software updates to push ransomware and infostealers worldwide.

    Read: hackread.com/socgholish-malwar

    #SocGholish #Malware #FakeUpdates #Ransomware #InfoStealer

  4. 2024-12-17 (Tuesday): #SmartApeSG injected script leads to fake browser update page, and that page leads to a #NetSupport #RAT infection.

    Just like my last post here, there are 2 injected scripts in a page from the compromised site, one using using depostsolo[.]biz and one using tactlat[.]xyz.

    A #pcap of the infection traffic, associated malware samples and more information is available at malware-traffic-analysis.net/2

    NetSupportRAT C2 for this campaign continues to be 194.180.191[.]64 since as early as 2024-11-22.

    #FakeUpdates #NetSupportRAT

  5. sync[.]webappclick[.]net is a new #SocGholish / #FakeUpdates "ndsj" TDS. It joins on 45.130.201[.]24 its friend cachespace[.]net still found in the wild from time to time.

  6. I've published the second in a series of blog posts on SocGholish related activity. The latest installment focuses on breaking down the fake update payload itself.

    rerednawyerg.github.io/malware

    #socgholish #malware #intel #fakeupdates

  7. I've been wanting to start a malware analysis/RE blog as I improve my skills. I published my first analysis a few days ago. Started out by analyzing a site with a malicious JavaScript inject leading to a SocGholish payload.

    rerednawyerg.github.io/malware

    #socgholish #malware #fakeupdates

  8. On today's , we're back at it with some more Analysis! I have a fresh /#SocGholish sample to pick apart. Join the investigation live at 17:00 PST/ 01:00 UTC! twitch.tv/mttaggart