#trellix — Public Fediverse posts on home.social

OTX Bot @[email protected] · 2026-05-08 · 09:03 UTC

Donuts and Beagles: Fake Claude site spreads backdoor

A fraudulent website impersonating Anthropic's Claude AI platform has been distributing a previously undocumented backdoor called Beagle through malvertising campaigns. The attack begins when victims download a fictitious tool named Claude-Pro Relay from claude-pro[.]com, delivered as a 505 MB ZIP archive. The infection chain utilizes DLL sideloading, exploiting a signed G DATA antivirus updater to load malicious code. The technique mirrors PlugX delivery methods but deploys different payloads. Beagle supports eight commands including shell execution, file transfer, and directory listing, communicating with C2 servers using AES encryption. Related samples dating to February 2026 have been identified, with some variants delivering AdaptixC2 framework. Additional domains impersonated security vendors like Trellix, CrowdStrike, and SentinelOne. The infrastructure spans Cloudflare for distribution and Alibaba Cloud for command and control.

Pulse ID: 69fcc63f1dce161fc2f8380c
Pulse Link: https://otx.alienvault.com/pulse/69fcc63f1dce161fc2f8380c
Pulse Author: AlienVault
Created: 2026-05-07 17:05:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Cloud #CrowdStrike #CyberSecurity #Encryption #InfoSec #Malvertising #OTX #OpenThreatExchange #PlugX #SentinelOne #SideLoading #Trellix #ZIP #bot #AlienVault

#backdoor #cloud #crowdstrike #cybersecurity #encryption #infosec

OTX Bot @[email protected] · 2026-05-08 · 09:03 UTC

Donuts and Beagles: Fake Claude site spreads backdoor

A fraudulent website impersonating Anthropic's Claude AI platform has been distributing a previously undocumented backdoor called Beagle through malvertising campaigns. The attack begins when victims download a fictitious tool named Claude-Pro Relay from claude-pro[.]com, delivered as a 505 MB ZIP archive. The infection chain utilizes DLL sideloading, exploiting a signed G DATA antivirus updater to load malicious code. The technique mirrors PlugX delivery methods but deploys different payloads. Beagle supports eight commands including shell execution, file transfer, and directory listing, communicating with C2 servers using AES encryption. Related samples dating to February 2026 have been identified, with some variants delivering AdaptixC2 framework. Additional domains impersonated security vendors like Trellix, CrowdStrike, and SentinelOne. The infrastructure spans Cloudflare for distribution and Alibaba Cloud for command and control.

Pulse ID: 69fcc63f1dce161fc2f8380c
Pulse Link: https://otx.alienvault.com/pulse/69fcc63f1dce161fc2f8380c
Pulse Author: AlienVault
Created: 2026-05-07 17:05:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Cloud #CrowdStrike #CyberSecurity #Encryption #InfoSec #Malvertising #OTX #OpenThreatExchange #PlugX #SentinelOne #SideLoading #Trellix #ZIP #bot #AlienVault

#backdoor #cloud #crowdstrike #cybersecurity #encryption #infosec

OTX Bot @[email protected] · 2026-05-08 · 09:03 UTC

Donuts and Beagles: Fake Claude site spreads backdoor

A fraudulent website impersonating Anthropic's Claude AI platform has been distributing a previously undocumented backdoor called Beagle through malvertising campaigns. The attack begins when victims download a fictitious tool named Claude-Pro Relay from claude-pro[.]com, delivered as a 505 MB ZIP archive. The infection chain utilizes DLL sideloading, exploiting a signed G DATA antivirus updater to load malicious code. The technique mirrors PlugX delivery methods but deploys different payloads. Beagle supports eight commands including shell execution, file transfer, and directory listing, communicating with C2 servers using AES encryption. Related samples dating to February 2026 have been identified, with some variants delivering AdaptixC2 framework. Additional domains impersonated security vendors like Trellix, CrowdStrike, and SentinelOne. The infrastructure spans Cloudflare for distribution and Alibaba Cloud for command and control.

Pulse ID: 69fcc63f1dce161fc2f8380c
Pulse Link: https://otx.alienvault.com/pulse/69fcc63f1dce161fc2f8380c
Pulse Author: AlienVault
Created: 2026-05-07 17:05:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Cloud #CrowdStrike #CyberSecurity #Encryption #InfoSec #Malvertising #OTX #OpenThreatExchange #PlugX #SentinelOne #SideLoading #Trellix #ZIP #bot #AlienVault

#backdoor #cloud #crowdstrike #cybersecurity #encryption #infosec

OTX Bot @[email protected] · 2026-05-08 · 09:03 UTC

Donuts and Beagles: Fake Claude site spreads backdoor

A fraudulent website impersonating Anthropic's Claude AI platform has been distributing a previously undocumented backdoor called Beagle through malvertising campaigns. The attack begins when victims download a fictitious tool named Claude-Pro Relay from claude-pro[.]com, delivered as a 505 MB ZIP archive. The infection chain utilizes DLL sideloading, exploiting a signed G DATA antivirus updater to load malicious code. The technique mirrors PlugX delivery methods but deploys different payloads. Beagle supports eight commands including shell execution, file transfer, and directory listing, communicating with C2 servers using AES encryption. Related samples dating to February 2026 have been identified, with some variants delivering AdaptixC2 framework. Additional domains impersonated security vendors like Trellix, CrowdStrike, and SentinelOne. The infrastructure spans Cloudflare for distribution and Alibaba Cloud for command and control.

Pulse ID: 69fcc63f1dce161fc2f8380c
Pulse Link: https://otx.alienvault.com/pulse/69fcc63f1dce161fc2f8380c
Pulse Author: AlienVault
Created: 2026-05-07 17:05:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Cloud #CrowdStrike #CyberSecurity #Encryption #InfoSec #Malvertising #OTX #OpenThreatExchange #PlugX #SentinelOne #SideLoading #Trellix #ZIP #bot #AlienVault

#alienvault #bot #zip #trellix #sideloading #sentinelone

OTX Bot @[email protected] · 2026-05-08 · 09:03 UTC

Donuts and Beagles: Fake Claude site spreads backdoor

A fraudulent website impersonating Anthropic's Claude AI platform has been distributing a previously undocumented backdoor called Beagle through malvertising campaigns. The attack begins when victims download a fictitious tool named Claude-Pro Relay from claude-pro[.]com, delivered as a 505 MB ZIP archive. The infection chain utilizes DLL sideloading, exploiting a signed G DATA antivirus updater to load malicious code. The technique mirrors PlugX delivery methods but deploys different payloads. Beagle supports eight commands including shell execution, file transfer, and directory listing, communicating with C2 servers using AES encryption. Related samples dating to February 2026 have been identified, with some variants delivering AdaptixC2 framework. Additional domains impersonated security vendors like Trellix, CrowdStrike, and SentinelOne. The infrastructure spans Cloudflare for distribution and Alibaba Cloud for command and control.

Pulse ID: 69fcc63f1dce161fc2f8380c
Pulse Link: https://otx.alienvault.com/pulse/69fcc63f1dce161fc2f8380c
Pulse Author: AlienVault
Created: 2026-05-07 17:05:03

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #Cloud #CrowdStrike #CyberSecurity #Encryption #InfoSec #Malvertising #OTX #OpenThreatExchange #PlugX #SentinelOne #SideLoading #Trellix #ZIP #bot #AlienVault

#backdoor #cloud #crowdstrike #cybersecurity #encryption #infosec

Newk @[email protected] · 2026-05-02 · 10:02 UTC

Vielleicht sollten #CISO das überdenken...

#infosec #trellix #sourcecode #breach

#ciso #infosec #trellix #sourcecode #breach

Newk @[email protected] · 2026-05-02 · 10:02 UTC

Vielleicht sollten #CISO das überdenken...

#infosec #trellix #sourcecode #breach

#ciso #infosec #trellix #sourcecode #breach

Newk @[email protected] · 2026-05-02 · 10:02 UTC

Vielleicht sollten #CISO das überdenken...

#infosec #trellix #sourcecode #breach

#ciso #infosec #trellix #sourcecode #breach

Newk @[email protected] · 2026-05-02 · 10:02 UTC

Vielleicht sollten #CISO das überdenken...

#infosec #trellix #sourcecode #breach

#breach #sourcecode #trellix #infosec #ciso

Newk @[email protected] · 2026-05-02 · 10:02 UTC

Vielleicht sollten #CISO das überdenken...

#infosec #trellix #sourcecode #breach

#ciso #infosec #trellix #sourcecode #breach

KM6ECC @[email protected] · 2025-11-19 · 19:07 UTC

I said this when #Windows Subsystem for #Linux (WSL) first came out. It is inevitable. It is in fact a Linux world, obvs in the data center but also for end users (where Android is # 1.) Steve Job's greatest move was going #BSD, which too, is just another *nix distro.

The new divide? The only thing clear about that is that it is #AI related. Because I see it in students already.

Where do #LLM or neural nets fit into the OS? One controversy locally at #UCSD is #Trellix.

https://www.xda-developers.com/windows-being-considered-a-linux-distro/

#trellix #ucsd #llm #ai #bsd #linux

KM6ECC @[email protected] · 2025-11-19 · 19:07 UTC

I said this when #Windows Subsystem for #Linux (WSL) first came out. It is inevitable. It is in fact a Linux world, obvs in the data center but also for end users (where Android is # 1.) Steve Job's greatest move was going #BSD, which too, is just another *nix distro.

The new divide? The only thing clear about that is that it is #AI related. Because I see it in students already.

Where do #LLM or neural nets fit into the OS? One controversy locally at #UCSD is #Trellix.

https://www.xda-developers.com/windows-being-considered-a-linux-distro/

#trellix #ucsd #llm #ai #bsd #linux

KM6ECC @[email protected] · 2025-11-19 · 19:07 UTC

I said this when #Windows Subsystem for #Linux (WSL) first came out. It is inevitable. It is in fact a Linux world, obvs in the data center but also for end users (where Android is # 1.) Steve Job's greatest move was going #BSD, which too, is just another *nix distro.

The new divide? The only thing clear about that is that it is #AI related. Because I see it in students already.

Where do #LLM or neural nets fit into the OS? One controversy locally at #UCSD is #Trellix.

https://www.xda-developers.com/windows-being-considered-a-linux-distro/

#trellix #ucsd #llm #ai #bsd #linux

KM6ECC @[email protected] · 2025-11-19 · 19:07 UTC

I said this when #Windows Subsystem for #Linux (WSL) first came out. It is inevitable. It is in fact a Linux world, obvs in the data center but also for end users (where Android is # 1.) Steve Job's greatest move was going #BSD, which too, is just another *nix distro.

The new divide? The only thing clear about that is that it is #AI related. Because I see it in students already.

Where do #LLM or neural nets fit into the OS? One controversy locally at #UCSD is #Trellix.

https://www.xda-developers.com/windows-being-considered-a-linux-distro/

#windows #linux #bsd #ai #llm #ucsd

KM6ECC @[email protected] · 2025-11-19 · 19:07 UTC

I said this when #Windows Subsystem for #Linux (WSL) first came out. It is inevitable. It is in fact a Linux world, obvs in the data center but also for end users (where Android is # 1.) Steve Job's greatest move was going #BSD, which too, is just another *nix distro.

The new divide? The only thing clear about that is that it is #AI related. Because I see it in students already.

Where do #LLM or neural nets fit into the OS? One controversy locally at #UCSD is #Trellix.

https://www.xda-developers.com/windows-being-considered-a-linux-distro/

#trellix #ucsd #llm #ai #bsd #linux