Top 10 last week's threats by uploads 🌐
⬆️ #Agenttesla 549 (306)
⬇️ #Asyncrat 435 (443)
⬆️ #Dcrat 379 (225)
⬇️ #Xworm 366 (435)
⬇️ #Stealc 360 (475)
⬇️ #Vidar 345 (455)
⬆️ #Salatstealer 235 (206)
⬇️ #Remcos 234 (307)
⬆️ #Gh0st 225 (166)
⬇️ #Quasar 200 (207)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=090226&utm_content=linktoregister#register
#Gh0st
Top 10 last week's threats by uploads 🌐
⬆️ #Xworm 861 (712)
⬆️ #Asyncrat 360 (337)
⬆️ #Stealc 311 (307)
⬆️ #Vidar 309 (266)
⬆️ #Remcos 278 (248)
⬆️ #Quasar 233 (209)
⬇️ #Gh0st 192 (218)
⬆️ #Lumma 187 (140)
⬆️ #Agenttesla 157 (135)
⬆️ #Reverseloader 143 (111)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=260126&utm_content=linktoregister#register
Top 10 last week's threats by uploads 🌐
⬆️ #Xworm 712 (563)
⬆️ #Asyncrat 339 (333)
⬆️ #Stealc 307 (216)
⬆️ #Vidar 266 (204)
⬆️ #Remcos 249 (169)
⬆️ #Salatstealer 227 (209)
⬇️ #Gh0st 218 (241)
⬇️ #Quasar 209 (211)
⬆️ #Lumma 140 (138)
⬆️ #Agenttesla 139 (100)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=190126&utm_content=linktoregister#register
Top 10 last week's threats by uploads 🌐
⬆️ #Xworm 563 (350)
⬆️ #Asyncrat 335 (176)
⬆️ #Warzone 289 (35)
⬆️ #Gh0st 241 (14)
⬆️ #Stealc 216 (180)
⬆️ #Quasar 211 (159)
⬆️ #Vidar 204 (184)
⬆️ #Remcos 169 (40)
⬇️ #Lumma 139 (167)
⬆️ #Reverseloader 108 (21)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=120126&utm_content=linktoregister#register
#webserver #log #Gh0st and others.
My web server is logging all sorts of weirdness, and I wonder whether it's worth classifying the attempts?
(It only answers GET method at the moment)
Gh0st I know is a RAT, and I recognise the Censys scans, but how about http method 'RIP', and requests starting with control characters e.g. 0x160302016f01 (only alphabetic 'o') or just 0x160301 ?
I'm not that worried, just interested :-)
Researchers have uncovered a new #malware, UULoader, being used to deliver powerful threats like #Gh0st RAT and Mimikatz.
With its focus on Chinese and Korean users, this malware could be part of a broader trend.
https://thehackernews.com/2024/08/new-uuloader-malware-distributes-gh0st.html
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst