Brad · @malware_traffic
2362 followers · 137 posts · Server infosec.exchange

Originally posted at: twitter.com/malware_traffic/st

2023-03-06 (Monday): Malspam targeting Italy leads to #Ursnif infection - URL and server hosting malicious files from our test run still active today (Thursday 2023-03-09) - IoCs from our infection run available at github.com/pan-unit42/tweets/b

of the infection traffic, and the associated malware samples are available at malware-traffic-analysis.net/2

#gozi #isfb #pcap

Last updated 1 year ago

Brad · @malware_traffic
2260 followers · 114 posts · Server infosec.exchange

Also posted at: twitter.com/malware_traffic/st

2023-02-03 (Friday) - DEV-0569 activity: Google ad fake CPUID page --> "FakeBat" Loader --> Redline Stealer & Gozi/ISFB/Ursnif

IOCs, pcap of the infection, and associated malware/artifacts available at: malware-traffic-analysis.net/2

Tags:

Hopefully, recent blogs about all these malicious Google ads will force Google to change something. But I have a feeling Google will keep on being Google.

#dev0569 #fakebat #gozi #isfb #malware #pcap #redline #RedLineStealer #ursnif

Last updated 2 years ago