#malwareasaservice — Public Fediverse posts

Needle: Inside a Modular Crypto-Stealing C2 That Left Its Keys in the Malware

A modular Malware-as-a-Service crypto-stealing platform called Needle has been discovered actively targeting cryptocurrency wallets through two main attack vectors: a browser extension spoofer targeting MetaMask, Phantom, and Trust Wallet, and a Rust-based desktop agent impersonating Exodus, Trezor, and Ledger applications. The campaign compromised 1,932 victims, including 111 browser extension users and 1,821 desktop sessions. The Rust agent embedded its C2 API key without protection, enabling complete enumeration of victims and withdrawal configurations across six blockchains. The operator's EVM hot wallet moved approximately $148 in ETH to cold storage. The panel's React SPA performed authentication entirely client-side, and the same credential used by infected machines could potentially redirect future auto-withdrawals. Infrastructure is hosted on ASN 202412, a known bulletproof hosting provider in Amsterdam.

Pulse ID: 6a0198399994be750fe044cd
Pulse Link: https://otx.alienvault.com/pulse/6a0198399994be750fe044cd
Pulse Author: AlienVault
Created: 2026-05-11 08:50:01

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #Browser #CyberSecurity #Edge #InfoSec #Mac #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #Rust #bot #cryptocurrency #AlienVault

“Say My Name”: How MioLab is building MacOS Stealer Empire

MioLab, also known as Nova, is a sophisticated Malware-as-a-Service platform targeting macOS environments, heavily advertised on Russian-speaking underground forums. The platform features extensive data exfiltration capabilities, including browser credential theft, cryptocurrency wallet targeting (supporting over 200 browser extensions and 50+ desktop wallets), and a premium module specifically designed to compromise Ledger and Trezor hardware wallets by intercepting 24-word BIP39 recovery seed phrases. The lightweight C-based payload supports both Intel and Apple Silicon architectures across macOS versions from Sierra to Tahoe. MioLab employs sophisticated social engineering through customizable DMG builders with live preview features, fake system prompts, and ClickFix integration. Recent updates demonstrate rapid development, including Safari cookie grabbing, automated Apple Notes decryption, and universal hardware wallet modules. The operation utilizes bulletproof hosting services and shares infrastruct...

Pulse ID: 69f3653e884ec7a430371ba3
Pulse Link: https://otx.alienvault.com/pulse/69f3653e884ec7a430371ba3
Pulse Author: AlienVault
Created: 2026-04-30 14:20:46

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BIP39 #Browser #CyberSecurity #Edge #InfoSec #Mac #MacOS #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #RCE #Russia #Safari #SocialEngineering #Word #bot #cryptocurrency #AlienVault

LofyStealer: Malware targeting Minecraft players.

A sophisticated two-stage infostealer named LofyStealer, also known as GrabBot/Slinky, targets Minecraft players through social engineering. The malware comprises a 53.5MB Node.js-based loader disguised within legitimate libraries and a 1.4MB native C++ payload that executes directly in memory. It extracts cookies, passwords, tokens, credit cards, and IBANs from eight different browsers including Chrome, Edge, Brave, Opera GX, and Firefox. The loader uses GitHub Actions for automated compilation while the payload employs direct syscalls to bypass EDR detection. Data is compressed via PowerShell, Base64-encoded, and exfiltrated to a Brazilian-hosted C2 server at 24.152.36.241. The operation is attributed with high confidence to the Brazilian cybercrime group LofyGang, operating a Malware-as-a-Service platform with Free and Premium tiers through a web panel branded as LofyStealer Advanced C2 Platform V2.0.

Pulse ID: 69f1f50b6a5e5d1ca31204bb
Pulse Link: https://otx.alienvault.com/pulse/69f1f50b6a5e5d1ca31204bb
Pulse Author: AlienVault
Created: 2026-04-29 12:09:47

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Brave #Brazil #Browser #Chrome #Cookies #CreditCard #CreditCards #CyberCrime #CyberSecurity #EDR #Edge #FireFox #GitHub #InfoSec #InfoStealer #Malware #MalwareAsAService #Minecraft #Nodejs #OTX #OpenThreatExchange #Opera #Password #Passwords #PowerShell #RAT #SocialEngineering #Word #bot #AlienVault

TwizAdmin -- Multi-Stage Crypto Clipper, Infostealer & Ransomware Operation

A sophisticated multi-stage malware operation was identified through an exposed C2 panel at 103.241.66[.]238:1337, combining cryptocurrency clipboard hijacking across eight chains, BIP-39 seed phrase theft, browser credential exfiltration, ransomware module (crpx0), and Java RAT builder managed via FastAPI-based panel with license key system. The operation targets Windows and macOS using FedEx and OnlyFans-themed social engineering lures, with complete source code exposed in open directories. The ransomware component communicates with three Russian .ru domains resolving to 31.31.198[.]206 at REG.RU hosting, operating under the identity DataBreachPlus with Telegram, qTox, and ProtonMail contacts. Ten cryptocurrency wallet addresses spanning Bitcoin, Ethereum, Tron, Dogecoin, Litecoin, Solana, Ripple, and Bitcoin Cash were extracted from configurations, indicating a Malware-as-a-Service operation with tiered licensing.

Pulse ID: 69e8c1fb96869b14e2c565a2
Pulse Link: https://otx.alienvault.com/pulse/69e8c1fb96869b14e2c565a2
Pulse Author: AlienVault
Created: 2026-04-22 12:41:31

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BitCoin #Browser #Clipboard #CyberSecurity #InfoSec #InfoStealer #Java #Mac #MacOS #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #RCE #RansomWare #Russia #SocialEngineering #Telegram #Windows #bot #cryptocurrency #AlienVault

New NGate variant hides in a trojanized NFC payment app

ESET researchers have identified a new NGate malware variant targeting Android users in Brazil since November 2025. The threat actors trojanized the legitimate HandyPay NFC payment application, likely using AI-generated code, to relay NFC data from victims' payment cards to attacker-controlled devices. The malware enables unauthorized ATM withdrawals and payments while also capturing and exfiltrating payment card PINs to command-and-control servers. Distribution occurs through two channels: a fake Rio de Prêmios lottery website where victims always win a rigged prize, and a fraudulent Google Play page offering a fake card protection app. Both distribution sites are hosted on the same domain. This campaign represents an evolution in NFC-based fraud, with attackers choosing to patch existing legitimate applications rather than using established malware-as-a-service offerings.

Pulse ID: 69e7a6a0bb463e49c9b7572e
Pulse Link: https://otx.alienvault.com/pulse/69e7a6a0bb463e49c9b7572e
Pulse Author: AlienVault
Created: 2026-04-21 16:32:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #Brazil #CyberSecurity #ESET #Google #GooglePlay #InfoSec #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #Trojan #Troll #bot #iOS #AlienVault

New NGate variant hides in a trojanized NFC payment app

ESET researchers have identified a new NGate malware variant targeting Android users in Brazil since November 2025. The threat actors trojanized the legitimate HandyPay NFC payment application, likely using AI-generated code, to relay NFC data from victims' payment cards to attacker-controlled devices. The malware enables unauthorized ATM withdrawals and payments while also capturing and exfiltrating payment card PINs to command-and-control servers. Distribution occurs through two channels: a fake Rio de Prêmios lottery website where victims always win a rigged prize, and a fraudulent Google Play page offering a fake card protection app. Both distribution sites are hosted on the same domain. This campaign represents an evolution in NFC-based fraud, with attackers choosing to patch existing legitimate applications rather than using established malware-as-a-service offerings.

Pulse ID: 69e7a6a0bb463e49c9b7572e
Pulse Link: https://otx.alienvault.com/pulse/69e7a6a0bb463e49c9b7572e
Pulse Author: AlienVault
Created: 2026-04-21 16:32:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #Brazil #CyberSecurity #ESET #Google #GooglePlay #InfoSec #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #Trojan #Troll #bot #iOS #AlienVault

New NGate variant hides in a trojanized NFC payment app

ESET researchers have identified a new NGate malware variant targeting Android users in Brazil since November 2025. The threat actors trojanized the legitimate HandyPay NFC payment application, likely using AI-generated code, to relay NFC data from victims' payment cards to attacker-controlled devices. The malware enables unauthorized ATM withdrawals and payments while also capturing and exfiltrating payment card PINs to command-and-control servers. Distribution occurs through two channels: a fake Rio de Prêmios lottery website where victims always win a rigged prize, and a fraudulent Google Play page offering a fake card protection app. Both distribution sites are hosted on the same domain. This campaign represents an evolution in NFC-based fraud, with attackers choosing to patch existing legitimate applications rather than using established malware-as-a-service offerings.

Pulse ID: 69e7a6a0bb463e49c9b7572e
Pulse Link: https://otx.alienvault.com/pulse/69e7a6a0bb463e49c9b7572e
Pulse Author: AlienVault
Created: 2026-04-21 16:32:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #Brazil #CyberSecurity #ESET #Google #GooglePlay #InfoSec #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #Trojan #Troll #bot #iOS #AlienVault

New NGate variant hides in a trojanized NFC payment app

ESET researchers have identified a new NGate malware variant targeting Android users in Brazil since November 2025. The threat actors trojanized the legitimate HandyPay NFC payment application, likely using AI-generated code, to relay NFC data from victims' payment cards to attacker-controlled devices. The malware enables unauthorized ATM withdrawals and payments while also capturing and exfiltrating payment card PINs to command-and-control servers. Distribution occurs through two channels: a fake Rio de Prêmios lottery website where victims always win a rigged prize, and a fraudulent Google Play page offering a fake card protection app. Both distribution sites are hosted on the same domain. This campaign represents an evolution in NFC-based fraud, with attackers choosing to patch existing legitimate applications rather than using established malware-as-a-service offerings.

Pulse ID: 69e7a6a0bb463e49c9b7572e
Pulse Link: https://otx.alienvault.com/pulse/69e7a6a0bb463e49c9b7572e
Pulse Author: AlienVault
Created: 2026-04-21 16:32:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #Brazil #CyberSecurity #ESET #Google #GooglePlay #InfoSec #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #Trojan #Troll #bot #iOS #AlienVault

New NGate variant hides in a trojanized NFC payment app

ESET researchers have identified a new NGate malware variant targeting Android users in Brazil since November 2025. The threat actors trojanized the legitimate HandyPay NFC payment application, likely using AI-generated code, to relay NFC data from victims' payment cards to attacker-controlled devices. The malware enables unauthorized ATM withdrawals and payments while also capturing and exfiltrating payment card PINs to command-and-control servers. Distribution occurs through two channels: a fake Rio de Prêmios lottery website where victims always win a rigged prize, and a fraudulent Google Play page offering a fake card protection app. Both distribution sites are hosted on the same domain. This campaign represents an evolution in NFC-based fraud, with attackers choosing to patch existing legitimate applications rather than using established malware-as-a-service offerings.

Pulse ID: 69e7a6a0bb463e49c9b7572e
Pulse Link: https://otx.alienvault.com/pulse/69e7a6a0bb463e49c9b7572e
Pulse Author: AlienVault
Created: 2026-04-21 16:32:32

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Android #Brazil #CyberSecurity #ESET #Google #GooglePlay #InfoSec #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #Trojan #Troll #bot #iOS #AlienVault

StepDrainer MaaS Platform Targeting Multi-Chain Crypto Wallets and NFT Assets

StepDrainer is a Malware-as-a-Service (MaaS) platform engineered to steal digital assets from cryptocurrency wallets, including fungible tokens and high-value NFT collections. The malware supports more than 20 blockchain networks and incorporates multiple draining techniques, particularly abusing ERC-20 token permissions and NFT approval mechanisms.

The platform includes automated asset transfer capabilities, compatibility with widely used mobile wallets, and encrypted logging via Telegram channels for attacker monitoring. StepDrainer is commercially distributed within cybercriminal ecosystems, with pricing models ranging from approximately $750 for full source code access to $150 for a shared version that imposes a 20% commission on successful thefts.

Pulse ID: 69e734af1069d427edf013a9
Pulse Link: https://otx.alienvault.com/pulse/69e734af1069d427edf013a9
Pulse Author: AlienVault
Created: 2026-04-21 08:26:23

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #RCE #SMS #Telegram #bot #cryptocurrency #AlienVault

StepDrainer MaaS Platform Targeting Multi-Chain Crypto Wallets and NFT Assets

StepDrainer is a Malware-as-a-Service (MaaS) platform engineered to steal digital assets from cryptocurrency wallets, including fungible tokens and high-value NFT collections. The malware supports more than 20 blockchain networks and incorporates multiple draining techniques, particularly abusing ERC-20 token permissions and NFT approval mechanisms.

The platform includes automated asset transfer capabilities, compatibility with widely used mobile wallets, and encrypted logging via Telegram channels for attacker monitoring. StepDrainer is commercially distributed within cybercriminal ecosystems, with pricing models ranging from approximately $750 for full source code access to $150 for a shared version that imposes a 20% commission on successful thefts.

Pulse ID: 69e734af1069d427edf013a9
Pulse Link: https://otx.alienvault.com/pulse/69e734af1069d427edf013a9
Pulse Author: AlienVault
Created: 2026-04-21 08:26:23

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #RCE #SMS #Telegram #bot #cryptocurrency #AlienVault

StepDrainer MaaS Platform Targeting Multi-Chain Crypto Wallets and NFT Assets

StepDrainer is a Malware-as-a-Service (MaaS) platform engineered to steal digital assets from cryptocurrency wallets, including fungible tokens and high-value NFT collections. The malware supports more than 20 blockchain networks and incorporates multiple draining techniques, particularly abusing ERC-20 token permissions and NFT approval mechanisms.

The platform includes automated asset transfer capabilities, compatibility with widely used mobile wallets, and encrypted logging via Telegram channels for attacker monitoring. StepDrainer is commercially distributed within cybercriminal ecosystems, with pricing models ranging from approximately $750 for full source code access to $150 for a shared version that imposes a 20% commission on successful thefts.

Pulse ID: 69e734af1069d427edf013a9
Pulse Link: https://otx.alienvault.com/pulse/69e734af1069d427edf013a9
Pulse Author: AlienVault
Created: 2026-04-21 08:26:23

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #RCE #SMS #Telegram #bot #cryptocurrency #AlienVault

StepDrainer MaaS Platform Targeting Multi-Chain Crypto Wallets and NFT Assets

StepDrainer is a Malware-as-a-Service (MaaS) platform engineered to steal digital assets from cryptocurrency wallets, including fungible tokens and high-value NFT collections. The malware supports more than 20 blockchain networks and incorporates multiple draining techniques, particularly abusing ERC-20 token permissions and NFT approval mechanisms.

The platform includes automated asset transfer capabilities, compatibility with widely used mobile wallets, and encrypted logging via Telegram channels for attacker monitoring. StepDrainer is commercially distributed within cybercriminal ecosystems, with pricing models ranging from approximately $750 for full source code access to $150 for a shared version that imposes a 20% commission on successful thefts.

Pulse ID: 69e734af1069d427edf013a9
Pulse Link: https://otx.alienvault.com/pulse/69e734af1069d427edf013a9
Pulse Author: AlienVault
Created: 2026-04-21 08:26:23

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BlockChain #CyberSecurity #InfoSec #MaaS #Malware #MalwareAsAService #OTX #OpenThreatExchange #RAT #RCE #SMS #Telegram #bot #cryptocurrency #AlienVault

Mirax Trojan Hijacks Android Devices for Proxy Network

Meet Mirax, a sneaky new Android banking trojan that's not only stealing credentials, but also hijacking devices to create a powerful proxy network - putting European users at risk. This emerging malware is a triple threat, combining a malware-as-a-service model, remote access capabilities, and residential proxies to wreak havoc…

https://osintsights.com/mirax-trojan-hijacks-android-devices-for-proxy-network?utm_source=mastodon&utm_medium=social

#AndroidBankingTrojan #EmergingThreats #Malwareasaservice #ResidentialProxies #Maas

📬 Storm Infostealer umgeht 2FA: Malware übernimmt Accounts ohne Passwort
#DarkCommerce #Malware #2FAumgehen #AccountÜbernahme #BrowserDatenklau #Cybercrime #Datendiebstahl #Infostealer #MalwareasaService #SessionHijacking #StormInfostealer https://sc.tarnkappe.info/d93668

📬 Oblivion Android RAT: Kapert SMS, 2FA und umgeht Schutzmechanismen bis Android 16
#ITSicherheit #Malware #2FA #AccessibilityService #Android16 #AndroidMalware #AndroidRAT #HiddenVNC #MalwareasaService #MobileSecurity #Oblivion #PermissionBypass https://sc.tarnkappe.info/345ceb

📬 Telegram für Cyberkriminelle zunehmend unattraktiv
#DarkCommerce #Szene #AngelDrainer #BFRepo #Cybercrime #KasperskyDigitalFootprintIntelligence #MalwareasaService #Telegram #VladislavBelousov https://sc.tarnkappe.info/4a1824

Meduza Stealer Developers Arrested in Russia https://dailydarkweb.net/meduza-stealer-developers-arrested-in-russia/ #DarkWebNews&Services #MalwareasaService #MeduzaStealer #infostealer #Article273 #cybercrime #Rosgvardia #Astrakhan #Arrest #Russia #MVD

Meduza Stealer wasn’t just another malware—it was a game-changing tool that revived expired Chrome cookies and fueled a wave of cyber heists. Now, with its admins arrested in Russia, how will cybercrime adapt? Dive in to see the full story.

https://thedefendopsdiaries.com/the-rise-and-fall-of-meduza-stealer-a-deep-dive-into-its-technical-prowess/

#meduzastealer
#malwareanalysis
#cybercrime
#infosec
#malwareasaservice

Malware on tap? Atroposia lets even novice hackers rent a toolkit that bypasses Windows defenses, steals credentials, and even targets crypto. How safe are we when cybercrime is just a subscription away?

https://thedefendopsdiaries.com/atroposia-the-rise-of-subscription-based-malware-and-its-implications/

#atroposia
#malwareasaservice
#cybercrime
#remotetrojan
#credentialtheft

Malware-as-a-Service Campaign Exploits GitHub to Deliver Payloads – Source: www.infosecurity-magazine.com https://ciso2ciso.com/malware-as-a-service-campaign-exploits-github-to-deliver-payloads-source-www-infosecurity-magazine-com/ #rssfeedpostgeneratorecho #InfoSecurityMagazine #InfosecurityMagazine #CyberSecurityNews #MalwareasaService

📬 Operation Magnus: Info-Stealer RedLine und MetaStealer zerschlagen
#ITSicherheit #Rechtssachen #Eurojust #MalwareasaService #MetaStealer #OperationMagnus #RedLineStealer #Schadsoftware https://sc.tarnkappe.info/1f0e19

New ManticoraLoader Malware Attacking Citrix Users To Steal Data https://cybersecuritynews.com/manticoraloader-citrix-attack/ #MalwareasaService(MaaS) #CyberSecurityNews #ManticoraLoader #cybersecurity #CyberAttack #Malware

#CroudStrike is apparently now offering #BSOD as a service in a new bold #Enshittification #MalwareAsAService gambit.

DarkGate Malware Exploiting Excel Files And SMB File Shares https://gbhackers.com/darkgate-malware-excel-smb-exploitation/ #MalwareasaService(MaaS) #ExploitationTechniques #CyberAttack #DarkGate #Exploit #Malware

IT-Trends: Professionalisierung der Cyberkriminalität 2024 https://www.it-daily.net/it-sicherheit/cybercrime/professionalisierung-der-cyberkriminalitaet-in-2024 #CyberCrime #Malware #Ransomware #OpenSource #MaaS #RaaS #MalwareAsAService #RansomwareAsAService

Is malware as a service peak late stage capitalism or is it just me who thinks that?

"Rhadamanthys is a C++ information stealer that first emerged in August 2022, targeting email, FTP, and online banking service account credentials...

The stealer is sold to cybercriminals via a subscription model, so it is distributed to targets using a variety of channels, including malvertizing, laced torrent downloads, emails, YouTube videos, and more."

https://www.bleepingcomputer.com/news/security/rhadamanthys-stealer-malware-evolves-with-more-powerful-features/

Generally a big fan of interoperability but not for this...

"Check Point analyzed Rhadamanthys version 0.5.0 and reports that it introduced a new plugin system that allows higher levels of customization for specific distribution needs.

Plugins could add a diverse range of capabilities to the malware while allowing cybercriminals to minimize their footprint by only loading those they need in each case.

The new plugin system indicates a shift towards a more modular and customizable framework as it allows threat actors to deploy plugins tailored to their targets, counteracting security measures identified during recon stages or exploiting specific vulnerabilities."

#malware #infosec #opsec #MalwareAsAService #cybersec #wtf #LateStageCapitalism #Capitalism #enshitifcation

"🐰 BunnyLoader Unleashed: The Newest Kid on the Malware Block 🐰"

In a recent discovery, Zscaler ThreatLabz stumbled upon a new Malware-as-a-Service (MaaS) threat named "BunnyLoader" being peddled on various forums. This nefarious service offers a plethora of malicious functionalities including downloading and executing a second-stage payload, pilfering browser credentials and system information, keylogging, and even cryptocurrency theft through clipboard manipulation. 🕵️‍♀️💻

The malware, written in C/C++, is sold for a lifetime price of $250 and is under rapid development with multiple feature updates and bug fixes. It employs various anti-sandbox techniques during its attack sequence to evade detection and has a fileless loader feature which executes further malware stages in memory. BunnyLoader's C2 panel allows the threat actor to control infected machines remotely, showcasing a list of various tasks including keylogging, credential theft, and remote command execution among others. 🛑🔐

The detailed technical analysis reveals how BunnyLoader maintains persistence, performs anti-VM techniques, registers with the C2 server, and executes its core malicious tasks. The malware also harbors a clipper module to replace cryptocurrency addresses in a victim's clipboard with addresses controlled by the threat actor, targeting multiple cryptocurrencies like Bitcoin, Ethereum, and Monero. 🪙💸

The article is a comprehensive dive into the technical intricacies of BunnyLoader, shedding light on its modus operandi and the potential threat it poses to individuals and organizations alike. 🧐🔍

Source: Zscaler ThreatLabz

Tags: #BunnyLoader #MalwareAsAService #CyberSecurity #ThreatAnalysis #Malware #CryptocurrencyTheft #Zscaler #ThreatLabz #InfoSec

Authors: NIRAJ SHIVTARKAR, SATYAM SINGH

📬 Malware as a Service (MaaS) im Darknet: Hintergründe und Bedrohungen
#Hintergrundberichte #Malware #AlexanderZabrovsky #Backdoors #Botnets #Cyberkriminalität #Infostealer #kaspersky #Loader #MalwareasaService #RansomwareasaService https://tarnkappe.info/artikel/it-sicherheit/malware/malware-as-a-service-maas-im-darknet-hintergruende-und-bedrohungen-276234.html

📬 macOS-Malware MacStealer klaut Mac-Usern ihre M… Passwörter
#ITSicherheit #Malware #Binance #chrome #Exodus #Firefox #iCloudSchlüsselbund #MaaS #macOS #MacStealer #MalwareasaService #MetaMask #Phantom #Tron #TrustWallet https://tarnkappe.info/artikel/it-sicherheit/macos-malware-macstealer-klaut-mac-usern-ihre-m-passwoerter-272237.html

#RaccoonStealer admin will be extradited to the US, charged for computer crimeshttps://www.malwarebytes.com/blog/news/2022/11/racoon-stealer-admin-will-be-extradited-to-the-us-charged-for-computer-crimes

#hacking #MalwareAsAService

@longobord @cmdrmoto

Shh!🤫 Don't talk about #Meta's core business. #malware

⚠️☣️ Check the address. 👀⚠️☣️

☣️#MalwareAsAService ☣️ is ☣️ #Meta ☣️

~50yo's know that ! 😆

⚠️☣️ #MarkTheVirus ☣️⚠️

#FacebookWhistleblowers 🗣️📯
#MetaWhistleblowers 🗣️📯

📬 Prynt Stealer Malware stiehlt Hackern ihre Beute
#Hacking #Malware #Softwareentwicklung #AsyncRAT #Backdoor #DarkEye #MalwareasaService #StormKitty #TelegramToken #WorldWind https://tarnkappe.info/artikel/malware/prynt-stealer-malware-stiehlt-hackern-ihre-beute-255168.html

@tao all the script kiddies these days just outsource their work to the cloud SMH

#MalwareAsAService #MaaS