#smokeloader — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #smokeloader, aggregated by home.social.
-
SmokeLoader Rises From the Ashes
#SmokeLoader
https://www.zscaler.com/blogs/security-research/smokeloader-rises-ashes
-
GitHub Abused to Spread Amadey, Lumma and Redline InfoStealers in Ukraine – Source:hackread.com https://ciso2ciso.com/github-abused-to-spread-amadey-lumma-and-redline-infostealers-in-ukraine-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttacks #CyberAttack #SmokeLoader #Emmenhtal #AsyncRAT #Hackread #security #malware #Redline #Ukraine #Amadey #GitHub #Python #Lumma
-
GitHub Abused to Spread Amadey, Lumma and Redline InfoStealers in Ukraine https://hackread.com/github-abused-amadey-lumma-redline-infostealers-ukraine/ #Cybersecurity #CyberAttacks #CyberAttack #SmokeLoader #Emmenhtal #Security #AsyncRAT #Malware #Redline #Ukraine #Amadey #GitHub #Python #Lumma
-
Smokeloader Users Identified and Arrested in Operation Endgame – Source:hackread.com https://ciso2ciso.com/smokeloader-users-identified-and-arrested-in-operation-endgame-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #OperationEndgame #cybersecurity #SmokeLoader #CyberCrime #Hackread #Europol #malware #botnet #europe
-
Europol Targets Customers of Smokeloader Pay-Per-Install Botnet – Source: www.securityweek.com https://ciso2ciso.com/europol-targets-customers-of-smokeloader-pay-per-install-botnet-source-www-securityweek-com/ #rssfeedpostgeneratorecho #Tracking&LawEnforcement #CyberSecurityNews #OperationEndgame #Malware&Threats #securityweekcom #securityweek #SmokeLoader #Trickbot #Europol #botnet
-
Smokeloader Users Identified and Arrested in Operation Endgame https://hackread.com/smokeloader-users-identified-arrested-operation-endgame/ #OperationEndgame #Cybersecurity #SmokeLoader #CyberCrime #Europol #Malware #Botnet #europe
-
🚨 #OperationEndgame - With the operators out of the picture, law enforcement is closing in on Smokeloader botnet’s paying customers across Europe and North America.
Read: https://hackread.com/smokeloader-users-identified-arrested-operation-endgame/
-
Europol Targets Customers of Smokeloader Pay-Per-Install Botnet https://www.securityweek.com/europol-targets-customers-of-smokeloader-pay-per-install-botnet/ #Tracking&LawEnforcement #OperationEndgame #Malware&Threats #Smokeloader #Trickbot #Europol #botnet
-
Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns
#SmokeLoader
https://www.europol.europa.eu/media-press/newsroom/news/operation-endgame-follow-leads-to-five-detentions-and-interrogations-well-server-takedowns
-
CoffeeLoader Detection: A New Sophisticated Malware Family Spread via SmokeLoader – Source: socprime.com https://ciso2ciso.com/coffeeloader-detection-a-new-sophisticated-malware-family-spread-via-smokeloader-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #Latestthreats #CoffeeLoader #SmokeLoader #socprimecom #socprime #Malware #Blog
-
💡 CoffeeLoader, the malware that evades defenses by exploiting the GPU
https://gomoot.com/coffeeloader-il-malware-che-evade-le-difese-sfruttando-la-gpu/
#blog #coffeeloader #cybersecurity #gpu #malware #news #picks #ransomware #smokeloader #spuware #stack #tech #tecnologia #zscaler
-
CVE-2025-0411, a zero-day #vulnerability in 7-Zip is actively exploited by Russian adversaries to target Ukraine in a #SmokeLoader campaign involving homoglyph attacks. Detect exploitation attempts using a set of #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/cve-2025-0411-exploitation-to-target-Ukraine/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post
-
SmokeLoader Campaign Targets Taiwanese Companies – Source: www.databreachtoday.com https://ciso2ciso.com/smokeloader-campaign-targets-taiwanese-companies-source-www-databreachtoday-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #DataBreachToday #DataBreachToday #SmokeLoader
-
SmokeLoader Malware Exploits MS Office Flaws to Steal Browser Credentials – Source:hackread.com https://ciso2ciso.com/smokeloader-malware-exploits-ms-office-flaws-to-steal-browser-credentials-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #MicrosoftOffice #cybersecurity #CyberAttacks #PhishingScam #CyberAttack #SmokeLoader #Hackread #security #malware #Macros
-
SmokeLoader Malware Campaign Targets Taiwanese Companies: Key Insights - https://www.redpacketsecurity.com/smokeloader-malware-campaign-targets-companies-in-taiwan/
-
SmokeLoader Campaign Targets Taiwanese Companies – Source: www.govinfosecurity.com https://ciso2ciso.com/smokeloader-campaign-targets-taiwanese-companies-source-www-govinfosecurity-com/ #rssfeedpostgeneratorecho #govinfosecuritycom #CyberSecurityNews #SmokeLoader
-
SmokeLoader Malware Exploits MS Office Flaws to Steal Browser Credentials https://hackread.com/smokeloader-malware-ms-office-flaws-browser-data/ #MicrosoftOffice #Cybersecurity #CyberAttacks #PhishingScam #CyberAttack #SmokeLoader #Security #Malware #Macros
-
SmokeLoader Malware Campaign Targets Companies in Taiwan – Source: www.infosecurity-magazine.com https://ciso2ciso.com/smokeloader-malware-campaign-targets-companies-in-taiwan-source-www-infosecurity-magazine-com/ #rssfeedpostgeneratorecho #InfoSecurityMagazine #InfosecurityMagazine #CyberSecurityNews #SmokeLoader
-
SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan – Source:thehackernews.com https://ciso2ciso.com/smokeloader-malware-resurfaces-targeting-manufacturing-and-it-in-taiwan-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #SmokeLoader
-
#Malware campaigns #Italy Week 29
☠️💣🔥👻
#AgentTesla: Order
#Formbook: Offer
#GuLoader: Electronic Invoice
#Remcos: Bank
#Lokibot: Delivery
#SmokeLoader: Payments
#Irata: Malware APK
#RedLine: Offer
#Neshta: Order
#Ousaban: Legal proceeding
#SnakeKeylogger: Invoice
-
The Federal Criminal Police Office (BKA) and the Frankfurt am Main Public Prosecutor General's Office, Central Office for Combating Internet Crime (ZIT), carried out a strike against #Cybercrime on 28 and 29 May 2024, with the participation of the BSI. We provided a sinkholing infrastructure for the takedown of the #Smokeloader #malware and are responsible for notifying the German victims.
More info: 👉 https://www.bsi.bund.de/dok/1112442
-
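"#Europol #shuts down more than 100 servers linked to #IcedID, #TrickBot, and other malware": The Hacker News
"Europol announced on Thursday that, as part of a coordinated law enforcement effort codenamed #Operation #Endgame, it had shut down infrastructure linked to several malware loader operations, including IcedID, #SystemBC, #PikaBot, #SmokeLoader, #Bumblebee, and TrickBot.
The action took place between May 27 and May 29 and, following searches at 16 locations across #Armenia, the #Netherlands, #Portugal, and #Ukraine, resulted in more than 100 servers being dismantled worldwide and four people being #arrested: one in Armenia and three in Ukraine." Even in war-torn Ukraine, there are people up to troublesome things.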
https://thehackernews.com/2024/05/europol-dismantles-100-servers-linked.html
-
‘Operation Endgame’ Hits Malware Delivery Platforms
https://krebsonsecurity.com/2024/05/operation-endgame-hits-malware-delivery-platforms/
#Ne'er-Do-WellNews #OperationEndgame #TheComingStorm #MattBurgess #Smokeloader #Ransomware #trickbot #Europol #LockBit #IcedID #911S5
-
We are proud to announce that Sekoia #TDR team contributed to the joint international law enforcement operation #OperationEndgame, targeting the notorious botnets #IcedID, #Smokeloader, #SystemBC and #Pikabot
-
📬 Operation Endgame a complete success: major offensive against malware families
#Malware #Rechtssachen #BKA #Bumblebee #DrBenjaminKrause #MartinaLink #Smokeloader #Trickbot https://sc.tarnkappe.info/6f8f6a
-
Operation Endgame - Largest Ever Operation Against Botnets Hits Dropper Malware Ecosystem
Date: May 30, 2024
CVE: Not specified
Vulnerability Type: Malware
CWE: [[CWE-94]], [[CWE-502]]
Sources: Europol News, Eurojust News
Issue Summary
Europol, in coordination with law enforcement agencies from multiple countries, conducted the largest ever operation targeting botnets. This operation, dubbed "Operation Endgame," took place from May 27 to 29, 2024, and led to the disruption of major malware droppers including IcedID, SystemBC, Pikabot, Smokeloader, and Bumblebee. The effort resulted in four arrests and the takedown of over 100 servers worldwide. These droppers were used to facilitate ransomware and other cyber-attacks by installing additional malware onto target systems. The operation was supported by Eurojust and involved contributions from countries including France, Germany, the Netherlands, Denmark, the UK, the US, and others. Private partners also played a role in the operation, which aimed to dismantle the infrastructure supporting these malicious activities. The success of this operation marks a significant step in combating cybercrime on a global scale.
Operation Endgame, coordinated by Europol, dismantled several major botnets including IcedID, SystemBC, Pikabot, Smokeloader, and Bumblebee. This international effort involved law enforcement agencies from multiple countries and led to the arrest of four individuals and the takedown of over 100 servers. The botnets targeted facilitated ransomware and other cyber-attacks.
Technical Key Findings
The malware droppers involved are designed to infiltrate systems and install additional malware, often avoiding detection through sophisticated evasion techniques. These droppers were used to deploy ransomware and other malicious payloads by bypassing security measures and enabling further system compromises.
Vulnerable Products
The operation did not specify particular products but targeted the infrastructures supporting droppers like IcedID, SystemBC, Pikabot, Smokeloader, and Bumblebee.
Impact Assessment
If abused, these vulnerabilities could lead to widespread ransomware attacks, financial losses, and significant disruption of services. The infrastructure taken down had facilitated numerous cyber-attacks globally, highlighting the severe impact on cybersecurity.
Patches or Workaround
The report did not mention specific patches or workarounds. However, continuous monitoring and updating of security measures are recommended to protect against such threats.
Tags
#Botnets #Malware #Ransomware #Cybersecurity #Europol #OperationEndgame #Cybercrime #IcedID #SystemBC #Pikabot #Smokeloader #Bumblebee
-
We are proud to announce that we assisted the joint international law enforcement operation #OperationEndgame, targeting the notorious botnets #IcedID, #Smokeloader, #SystemBC and #Pikabot 🔥
abuse.ch has provided key infrastructure to LEA and internal partners to disrupt these botnet operations 🛑
More information on the operation is available here:
👉 https://operation-endgame.com/
-
🚨#IcedID, #Smokeloader, #SystemBC, #Pikabot and #Bumblebee botnets have been disrupted by Operation Endgame!! This is the largest operation EVER against botnets involved with ransomware, with gargantuan thanks to a coordinated effort led by international agencies 👏👏
As with the #Qakbot and #Emotet takedowns, Spamhaus are again providing remediation support - those affected will be contacted from today with steps to take.
👉 For more information, read our write-up here: https://www.spamhaus.org/resource-hub/malware/operation-endgame-botnets-disrupted-after-international-action/
-
Russian Hackers Use Legit Remote Monitoring Software to Spy on Ukraine and Allies https://thecyberexpress.com/remote-monitoring-software-to-spy-on-ukraine/ #RemoteManagementSoftware #TheCyberExpressNews #CybersecurityNews #RemoteMonitoring #UkraineandAllies #TheCyberExpress #FirewallDaily #CyberWarfare #SmokeLoader #Hackers #malware #Ukraine #CERTUA #Europe #RMM #Spy #US
-
ESET Research reports that AceCryptor use surged in the second half of 2023. This included Remcos RAT campaigns for the first time, using compromised accounts for credibility in phishing emails. AceCryptor + Remcos campaigns targeted Poland, Bulgaria, Spain, and Serbia. Campaigns were described, MITRE ATT&CK TTPs and IOC provided. 🔗 https://www.welivesecurity.com/en/eset-research/rescoms-rides-waves-acecryptor-spam/
#AceCryptor #threatintel #IOC #Remcos #RemcosRAT #VidarStealer #Stopransomware #SmokeLoader
-
The State Cyber Protection Centre of the State Service of Special Communications and Information Protection of Ukraine (SCPC SSSCIP), in collaboration with Unit 42, has a whopping 94 page malware analysis report (complete with IOC) on Smoke Loader malware (aka Dofoil or Sharik), used in a surge of recent attacks on Ukrainian financial institutions and government organizations. Ukraine’s CERT-UA first identified Smoke Loader used by the financially motivated threat group UAC-0006 on 05 May 2023. Since then, Smoke Loader has been used worldwide and also in ransomware attacks. 🔗 https://scpc.gov.ua/en/articles/356
#SmokeLoader #malware #threatintel #UAC0006 #Ukraine #SCPC #SSSCIP #Ukraine #CERTUA #IOC