home.social

#latrodectus — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #latrodectus, aggregated by home.social.

  1. 𝗪𝗜𝗞𝗜𝗣𝗘𝗗𝗜𝗔'𝗦 𝗙𝗘𝗔𝗧𝗨𝗥𝗘𝗗 𝗔𝗥𝗧𝗜𝗖𝗟𝗘

    ✧ katipō ✧

    The katipō (Latrodectus katipo) is a species of cobweb spider found only in New Zealand. It inhabits sand dunes close to the seashore and is found on most of New Zealand's coastline, except for the far south and the West Coast. In the South Island and the lower half of the North Island, the female has a distinct red stripe bord...

    #latrodectus #newzealand #westcoast #southisland #latrodectuskatipo #wikipedia
    en.wikipedia.org/wiki/Katip%C5

  2. 𝗪𝗜𝗞𝗜𝗣𝗘𝗗𝗜𝗔'𝗦 𝗙𝗘𝗔𝗧𝗨𝗥𝗘𝗗 𝗔𝗥𝗧𝗜𝗖𝗟𝗘

    ✧ katipō ✧

    The katipō (Latrodectus katipo) is a species of cobweb spider found only in New Zealand. It inhabits sand dunes close to the seashore and is found on most of New Zealand's coastline, except for the far south and the West Coast. In the South Island and the lower half of the North Island, the female has a distinct red stripe bord...

    #latrodectus #newzealand #westcoast #southisland #latrodectuskatipo #wikipedia
    en.wikipedia.org/wiki/Katip%C5

  3. 𝗪𝗜𝗞𝗜𝗣𝗘𝗗𝗜𝗔'𝗦 𝗙𝗘𝗔𝗧𝗨𝗥𝗘𝗗 𝗔𝗥𝗧𝗜𝗖𝗟𝗘

    ✧ katipō ✧

    The katipō (Latrodectus katipo) is a species of cobweb spider found only in New Zealand. It inhabits sand dunes close to the seashore and is found on most of New Zealand's coastline, except for the far south and the West Coast. In the South Island and the lower half of the North Island, the female has a distinct red stripe bord...

    #latrodectus #newzealand #westcoast #southisland #latrodectuskatipo #wikipedia
    en.wikipedia.org/wiki/Katip%C5

  4. 𝗪𝗜𝗞𝗜𝗣𝗘𝗗𝗜𝗔'𝗦 𝗙𝗘𝗔𝗧𝗨𝗥𝗘𝗗 𝗔𝗥𝗧𝗜𝗖𝗟𝗘

    ✧ katipō ✧

    The katipō (Latrodectus katipo) is a species of cobweb spider found only in New Zealand. It inhabits sand dunes close to the seashore and is found on most of New Zealand's coastline, except for the far south and the West Coast. In the South Island and the lower half of the North Island, the female has a distinct red stripe bord...

    #latrodectus #newzealand #westcoast #southisland #latrodectuskatipo #wikipedia
    en.wikipedia.org/wiki/Katip%C5

  5. 𝗪𝗜𝗞𝗜𝗣𝗘𝗗𝗜𝗔'𝗦 𝗙𝗘𝗔𝗧𝗨𝗥𝗘𝗗 𝗔𝗥𝗧𝗜𝗖𝗟𝗘

    ✧ katipō ✧

    The katipō (Latrodectus katipo) is a species of cobweb spider found only in New Zealand. It inhabits sand dunes close to the seashore and is found on most of New Zealand's coastline, except for the far south and the West Coast. In the South Island and the lower half of the North Island, the female has a distinct red stripe bord...

    #latrodectus #newzealand #westcoast #southisland #latrodectuskatipo #wikipedia
    en.wikipedia.org/wiki/Katip%C5

  6. 💬 Telegram plays an important role in many underground businesses. Threat actors commonly stand up channels to market and support malicious activities such as malware-as-a-service (MaaS) subscriptions. While investigating ScreenConnect servers, a remote access support tool commonly abused by threat actors, we found an interesting business that we had never seen before. This actor used telegram as a storefront and support channel for an underground Remote Access Toolkit Online (RATO) platform. Technically RATO is a service that bundles cPanel and ScreenConnect technology to help its cyber criminal customers remotely access victim machines and manage scams, phishing, and malware (e.g. Latrodectus).

    🐀 🔴 We discovered several servers that matched a ScreenConnect signature but these instances did not serve the typical ScreenConnect web content. Instead, their service is called "RATO PLATFORM" and the portal page shows the slogan "Can't catch the RAT__". We've found several telegram channels that promote services named "RATO", use the rat head logo (see attached image), or the domain rato[.]to. Based on their telegram chat content, it's clear their business model is focused on enabling cybercrime.

    @rato_support
    @ratofaqs
    @rato_backup
    @rato_hosting
    @Rato2_bot

    Consistent with RATO’s “BulletProof & Anti-Red Hosting” feature, we saw many RATO instances on ASNs with a high concentration of malicious activity (e.g., AS202412). Additionally, RATO infrastructure shows strong ties to Indonesia including Indonesian IP addresses in passive DNS and domains within the same cloudflare account used for serving online gambling to Indonesian-speaking users. Collectively, RATO and its customers operate a large number of domains. Here are some examples:

    asakusubinitohas[.]com
    bmw320ikaka[.]co
    cpusx[.]com
    newoneazu[.]com
    ratmail[.]pro
    rato[.]page
    rato[.]to
    ratodemo[.]pro
    sesrecipt[.]com
    silk-gen[.]com
    sunostart[.]com
    viewyourstatementonline[.]com

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #malware #maas #telegram #indonesia #screenconnect #latrodectus #rat #rmm #remotemonitoringmanagement #downloader #spam #rato

  7. 💬 Telegram plays an important role in many underground businesses. Threat actors commonly stand up channels to market and support malicious activities such as malware-as-a-service (MaaS) subscriptions. While investigating ScreenConnect servers, a remote access support tool commonly abused by threat actors, we found an interesting business that we had never seen before. This actor used telegram as a storefront and support channel for an underground Remote Access Toolkit Online (RATO) platform. Technically RATO is a service that bundles cPanel and ScreenConnect technology to help its cyber criminal customers remotely access victim machines and manage scams, phishing, and malware (e.g. Latrodectus).

    🐀 🔴 We discovered several servers that matched a ScreenConnect signature but these instances did not serve the typical ScreenConnect web content. Instead, their service is called "RATO PLATFORM" and the portal page shows the slogan "Can't catch the RAT__". We've found several telegram channels that promote services named "RATO", use the rat head logo (see attached image), or the domain rato[.]to. Based on their telegram chat content, it's clear their business model is focused on enabling cybercrime.

    @rato_support
    @ratofaqs
    @rato_backup
    @rato_hosting
    @Rato2_bot

    Consistent with RATO’s “BulletProof & Anti-Red Hosting” feature, we saw many RATO instances on ASNs with a high concentration of malicious activity (e.g., AS202412). Additionally, RATO infrastructure shows strong ties to Indonesia including Indonesian IP addresses in passive DNS and domains within the same cloudflare account used for serving online gambling to Indonesian-speaking users. Collectively, RATO and its customers operate a large number of domains. Here are some examples:

    asakusubinitohas[.]com
    bmw320ikaka[.]co
    cpusx[.]com
    newoneazu[.]com
    ratmail[.]pro
    rato[.]page
    rato[.]to
    ratodemo[.]pro
    sesrecipt[.]com
    silk-gen[.]com
    sunostart[.]com
    viewyourstatementonline[.]com

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #malware #maas #telegram #indonesia #screenconnect #latrodectus #rat #rmm #remotemonitoringmanagement #downloader #spam #rato

  8. 💬 Telegram plays an important role in many underground businesses. Threat actors commonly stand up channels to market and support malicious activities such as malware-as-a-service (MaaS) subscriptions. While investigating ScreenConnect servers, a remote access support tool commonly abused by threat actors, we found an interesting business that we had never seen before. This actor used telegram as a storefront and support channel for an underground Remote Access Toolkit Online (RATO) platform. Technically RATO is a service that bundles cPanel and ScreenConnect technology to help its cyber criminal customers remotely access victim machines and manage scams, phishing, and malware (e.g. Latrodectus).

    🐀 🔴 We discovered several servers that matched a ScreenConnect signature but these instances did not serve the typical ScreenConnect web content. Instead, their service is called "RATO PLATFORM" and the portal page shows the slogan "Can't catch the RAT__". We've found several telegram channels that promote services named "RATO", use the rat head logo (see attached image), or the domain rato[.]to. Based on their telegram chat content, it's clear their business model is focused on enabling cybercrime.

    @rato_support
    @ratofaqs
    @rato_backup
    @rato_hosting
    @Rato2_bot

    Consistent with RATO’s “BulletProof & Anti-Red Hosting” feature, we saw many RATO instances on ASNs with a high concentration of malicious activity (e.g., AS202412). Additionally, RATO infrastructure shows strong ties to Indonesia including Indonesian IP addresses in passive DNS and domains within the same cloudflare account used for serving online gambling to Indonesian-speaking users. Collectively, RATO and its customers operate a large number of domains. Here are some examples:

    asakusubinitohas[.]com
    bmw320ikaka[.]co
    cpusx[.]com
    newoneazu[.]com
    ratmail[.]pro
    rato[.]page
    rato[.]to
    ratodemo[.]pro
    sesrecipt[.]com
    silk-gen[.]com
    sunostart[.]com
    viewyourstatementonline[.]com

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #malware #maas #telegram #indonesia #screenconnect #latrodectus #rat #rmm #remotemonitoringmanagement #downloader #spam #rato

  9. 💬 Telegram plays an important role in many underground businesses. Threat actors commonly stand up channels to market and support malicious activities such as malware-as-a-service (MaaS) subscriptions. While investigating ScreenConnect servers, a remote access support tool commonly abused by threat actors, we found an interesting business that we had never seen before. This actor used telegram as a storefront and support channel for an underground Remote Access Toolkit Online (RATO) platform. Technically RATO is a service that bundles cPanel and ScreenConnect technology to help its cyber criminal customers remotely access victim machines and manage scams, phishing, and malware (e.g. Latrodectus).

    🐀 🔴 We discovered several servers that matched a ScreenConnect signature but these instances did not serve the typical ScreenConnect web content. Instead, their service is called "RATO PLATFORM" and the portal page shows the slogan "Can't catch the RAT__". We've found several telegram channels that promote services named "RATO", use the rat head logo (see attached image), or the domain rato[.]to. Based on their telegram chat content, it's clear their business model is focused on enabling cybercrime.

    @rato_support
    @ratofaqs
    @rato_backup
    @rato_hosting
    @Rato2_bot

    Consistent with RATO’s “BulletProof & Anti-Red Hosting” feature, we saw many RATO instances on ASNs with a high concentration of malicious activity (e.g., AS202412). Additionally, RATO infrastructure shows strong ties to Indonesia including Indonesian IP addresses in passive DNS and domains within the same cloudflare account used for serving online gambling to Indonesian-speaking users. Collectively, RATO and its customers operate a large number of domains. Here are some examples:

    asakusubinitohas[.]com
    bmw320ikaka[.]co
    cpusx[.]com
    newoneazu[.]com
    ratmail[.]pro
    rato[.]page
    rato[.]to
    ratodemo[.]pro
    sesrecipt[.]com
    silk-gen[.]com
    sunostart[.]com
    viewyourstatementonline[.]com

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #malware #maas #telegram #indonesia #screenconnect #latrodectus #rat #rmm #remotemonitoringmanagement #downloader #spam #rato

  10. 💬 Telegram plays an important role in many underground businesses. Threat actors commonly stand up channels to market and support malicious activities such as malware-as-a-service (MaaS) subscriptions. While investigating ScreenConnect servers, a remote access support tool commonly abused by threat actors, we found an interesting business that we had never seen before. This actor used telegram as a storefront and support channel for an underground Remote Access Toolkit Online (RATO) platform. Technically RATO is a service that bundles cPanel and ScreenConnect technology to help its cyber criminal customers remotely access victim machines and manage scams, phishing, and malware (e.g. Latrodectus).

    🐀 🔴 We discovered several servers that matched a ScreenConnect signature but these instances did not serve the typical ScreenConnect web content. Instead, their service is called "RATO PLATFORM" and the portal page shows the slogan "Can't catch the RAT__". We've found several telegram channels that promote services named "RATO", use the rat head logo (see attached image), or the domain rato[.]to. Based on their telegram chat content, it's clear their business model is focused on enabling cybercrime.

    @rato_support
    @ratofaqs
    @rato_backup
    @rato_hosting
    @Rato2_bot

    Consistent with RATO’s “BulletProof & Anti-Red Hosting” feature, we saw many RATO instances on ASNs with a high concentration of malicious activity (e.g., AS202412). Additionally, RATO infrastructure shows strong ties to Indonesia including Indonesian IP addresses in passive DNS and domains within the same cloudflare account used for serving online gambling to Indonesian-speaking users. Collectively, RATO and its customers operate a large number of domains. Here are some examples:

    asakusubinitohas[.]com
    bmw320ikaka[.]co
    cpusx[.]com
    newoneazu[.]com
    ratmail[.]pro
    rato[.]page
    rato[.]to
    ratodemo[.]pro
    sesrecipt[.]com
    silk-gen[.]com
    sunostart[.]com
    viewyourstatementonline[.]com

    #dns #threatintel #threatintelligence #cybercrime #cybersecurity #infosec #infoblox #infobloxthreatintel #scam #phishing #malware #maas #telegram #indonesia #screenconnect #latrodectus #rat #rmm #remotemonitoringmanagement #downloader #spam #rato

  11. La semaine dernière, j'ai eu la chance d'aller à @UYBHYS , où j'ai rencontré quelques fans - et quelques détracteurs qui ne voyaient pas le crocodile en moi, mais une mouette (ils ont trop mangé de palourdes !).
    Ca méritait bien un petit dessin avec des tas de clins d'oeil que je vais laisser à chacun le plaisir de découvrir ;)
    PS. Rien qu'avec les crêpes du jeudi soir, j'étais déjà content d'être venu à la conférence - et elle n'avait pas encore débuté. C'est dire.

    #UYBHYS25 #blagues #conférence #sécurité #rump #ASN1 #latrodectus #frigo #CIRCL #qemu

  12. La semaine dernière, j'ai eu la chance d'aller à @UYBHYS , où j'ai rencontré quelques fans - et quelques détracteurs qui ne voyaient pas le crocodile en moi, mais une mouette (ils ont trop mangé de palourdes !).
    Ca méritait bien un petit dessin avec des tas de clins d'oeil que je vais laisser à chacun le plaisir de découvrir ;)
    PS. Rien qu'avec les crêpes du jeudi soir, j'étais déjà content d'être venu à la conférence - et elle n'avait pas encore débuté. C'est dire.

    #UYBHYS25 #blagues #conférence #sécurité #rump #ASN1 #latrodectus #frigo #CIRCL #qemu

  13. La semaine dernière, j'ai eu la chance d'aller à @UYBHYS , où j'ai rencontré quelques fans - et quelques détracteurs qui ne voyaient pas le crocodile en moi, mais une mouette (ils ont trop mangé de palourdes !).
    Ca méritait bien un petit dessin avec des tas de clins d'oeil que je vais laisser à chacun le plaisir de découvrir ;)
    PS. Rien qu'avec les crêpes du jeudi soir, j'étais déjà content d'être venu à la conférence - et elle n'avait pas encore débuté. C'est dire.

    #UYBHYS25 #blagues #conférence #sécurité #rump #ASN1 #latrodectus #frigo #CIRCL #qemu

  14. La semaine dernière, j'ai eu la chance d'aller à @UYBHYS , où j'ai rencontré quelques fans - et quelques détracteurs qui ne voyaient pas le crocodile en moi, mais une mouette (ils ont trop mangé de palourdes !).
    Ca méritait bien un petit dessin avec des tas de clins d'oeil que je vais laisser à chacun le plaisir de découvrir ;)
    PS. Rien qu'avec les crêpes du jeudi soir, j'étais déjà content d'être venu à la conférence - et elle n'avait pas encore débuté. C'est dire.

    #UYBHYS25 #blagues #conférence #sécurité #rump #ASN1 #latrodectus #frigo #CIRCL #qemu

  15. La semaine dernière, j'ai eu la chance d'aller à @UYBHYS , où j'ai rencontré quelques fans - et quelques détracteurs qui ne voyaient pas le crocodile en moi, mais une mouette (ils ont trop mangé de palourdes !).
    Ca méritait bien un petit dessin avec des tas de clins d'oeil que je vais laisser à chacun le plaisir de découvrir ;)
    PS. Rien qu'avec les crêpes du jeudi soir, j'étais déjà content d'être venu à la conférence - et elle n'avait pas encore débuté. C'est dire.

    #UYBHYS25 #blagues #conférence #sécurité #rump #ASN1 #latrodectus #frigo #CIRCL #qemu

  16. We've observed an interesting infection chain ⛓️ in the wild, starting with #LummaStealer spread through a fake gaming website and resulting in #Latrodectus and #SectopRat 🪲🔍👀

    See below for more ⬇️

  17. We've observed an interesting infection chain ⛓️ in the wild, starting with #LummaStealer spread through a fake gaming website and resulting in #Latrodectus and #SectopRat 🪲🔍👀

    See below for more ⬇️

  18. We've observed an interesting infection chain ⛓️ in the wild, starting with #LummaStealer spread through a fake gaming website and resulting in #Latrodectus and #SectopRat 🪲🔍👀

    See below for more ⬇️

  19. We've observed an interesting infection chain ⛓️ in the wild, starting with #LummaStealer spread through a fake gaming website and resulting in #Latrodectus and #SectopRat 🪲🔍👀

    See below for more ⬇️

  20. We've observed an interesting infection chain ⛓️ in the wild, starting with #LummaStealer spread through a fake gaming website and resulting in #Latrodectus and #SectopRat 🪲🔍👀

    See below for more ⬇️

  21. 🔥 Operation Endgame is BACK! This time targeting #BumbleBee, #Latrodectus, #DanaBot, #WarmCookie, #Qakbot and #Trickbot!

    Once again this is a HUGE win, with a truly international effort! 💪

    As with phase one of #OperationEndgame, Spamhaus are providing remediation support - those affected will be contacted in due course with steps to take.

    For more information, read our write-up here:
    👉 spamhaus.org/resource-hub/malw

  22. 🔥 Operation Endgame is BACK! This time targeting #BumbleBee, #Latrodectus, #DanaBot, #WarmCookie, #Qakbot and #Trickbot!

    Once again this is a HUGE win, with a truly international effort! 💪

    As with phase one of #OperationEndgame, Spamhaus are providing remediation support - those affected will be contacted in due course with steps to take.

    For more information, read our write-up here:
    👉 spamhaus.org/resource-hub/malw

  23. 🔥 Operation Endgame is BACK! This time targeting #BumbleBee, #Latrodectus, #DanaBot, #WarmCookie, #Qakbot and #Trickbot!

    Once again this is a HUGE win, with a truly international effort! 💪

    As with phase one of #OperationEndgame, Spamhaus are providing remediation support - those affected will be contacted in due course with steps to take.

    For more information, read our write-up here:
    👉 spamhaus.org/resource-hub/malw

  24. 🔥 Operation Endgame is BACK! This time targeting #BumbleBee, #Latrodectus, #DanaBot, #WarmCookie, #Qakbot and #Trickbot!

    Once again this is a HUGE win, with a truly international effort! 💪

    As with phase one of #OperationEndgame, Spamhaus are providing remediation support - those affected will be contacted in due course with steps to take.

    For more information, read our write-up here:
    👉 spamhaus.org/resource-hub/malw

  25. 🔥 Operation Endgame is BACK! This time targeting #BumbleBee, #Latrodectus, #DanaBot, #WarmCookie, #Qakbot and #Trickbot!

    Once again this is a HUGE win, with a truly international effort! 💪

    As with phase one of #OperationEndgame, Spamhaus are providing remediation support - those affected will be contacted in due course with steps to take.

    For more information, read our write-up here:
    👉 spamhaus.org/resource-hub/malw

  26. #BREAKING: new Travis McEnery video just dropped and it's a 1h20m look at the black widow spider!! youtu.be/DHl_wRE4H0Y

    (Two of the arachnologists who regularly advise on the series have studied black widows so this is gonna be a good one)

    #SpidersOfMastodon #spiders #Theridiidae #Latrodectus

  27. #BREAKING: new Travis McEnery video just dropped and it's a 1h20m look at the black widow spider!! youtu.be/DHl_wRE4H0Y

    (Two of the arachnologists who regularly advise on the series have studied black widows so this is gonna be a good one)

    #SpidersOfMastodon #spiders #Theridiidae #Latrodectus

  28. #BREAKING: new Travis McEnery video just dropped and it's a 1h20m look at the black widow spider!! youtu.be/DHl_wRE4H0Y

    (Two of the arachnologists who regularly advise on the series have studied black widows so this is gonna be a good one)

    #SpidersOfMastodon #spiders #Theridiidae #Latrodectus

  29. #BREAKING: new Travis McEnery video just dropped and it's a 1h20m look at the black widow spider!! youtu.be/DHl_wRE4H0Y

    (Two of the arachnologists who regularly advise on the series have studied black widows so this is gonna be a good one)

    #SpidersOfMastodon #spiders #Theridiidae #Latrodectus

  30. #BREAKING: new Travis McEnery video just dropped and it's a 1h20m look at the black widow spider!! youtu.be/DHl_wRE4H0Y

    (Two of the arachnologists who regularly advise on the series have studied black widows so this is gonna be a good one)

    #SpidersOfMastodon #spiders #Theridiidae #Latrodectus

  31. A new version of #Latrodectus is out 📣🔥

    Version: 1.9
    Campaign: Mimikast

    The corresponding botnet C2s have been caught earlier today by @r0ny_123 🎣
    📡threatfox.abuse.ch/browse/malw

    The relevant malware sample is available on MalwareBazaar:
    📄 bazaar.abuse.ch/sample/762d06b

  32. A new version of #Latrodectus is out 📣🔥

    Version: 1.9
    Campaign: Mimikast

    The corresponding botnet C2s have been caught earlier today by @r0ny_123 🎣
    📡threatfox.abuse.ch/browse/malw

    The relevant malware sample is available on MalwareBazaar:
    📄 bazaar.abuse.ch/sample/762d06b