Lmst

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 353 (490)
⬆️ #Remcos 292 (228)
⬆️ #Agenttesla 291 (251)
⬆️ #Asyncrat 273 (190)
⬆️ #Dcrat 242 (159)
⬆️ #Xworm 198 (195)
⬇️ #Snake 180 (203)
⬇️ #Neconyd 175 (220)
⬆️ #Quasar 144 (115)
⬆️ #Darkcrystal 113 (73)
Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=160625

#cybersecurity #infosec

Top 10 last week's threats by uploads 🌐
⬆️ #Lumma 509 (320)
⬆️ #Agenttesla 266 (164)
⬆️ #Remcos 232 (143)
⬆️ #Akira 222 (16)
⬆️ #Neconyd 221 (212)
⬇️ #Snake 211 (217)
⬇️ #Asyncrat 197 (306)
⬆️ #Xworm 195 (168)
⬆️ #Zombie 178 (123)
⬆️ #Dcrat 170 (128)

Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=090625

#cybersecurity #infosec

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 328 (730)
⬇️ #Asyncrat 309 (490)
⬇️ #Snake 225 (425)
⬆️ #Maze 225 (4)
⬆️ #Neconyd 224 (111)
⬇️ #Xworm 169 (430)
⬇️ #Agenttesla 165 (219)
⬇️ #Remcos 151 (488)
⬆️ #Zombie 133 (131)
⬇️ #Dcrat 129 (215)
👉 Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=020625

Top 10 last week's threats by uploads 🌐)
⬇️ #Lumma 733 (825)
⬆️ #Asyncrat 494 (447)
⬇️ #Remcos 491 (624)
⬆️ #Snake 432 (338)
⬇️ #Xworm 430 (440)
⬆️ #Amadey 249 (224)
⬇️ #Agenttesla 221 (265)
⬆️ #Dcrat 216 (126)
⬆️ #Stealc 136 (130)
⬆️ #Quasar 132 (78)
Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=260525

🎁 Explore #ANYRUN's Birthday offers: https://app.any.run/plans/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten_bd25&utm_term=260525&utm_content=linktopricing/

#cybersecurity #infosec

Top 10 last week's threats by uploads 🌐
⬆️ #Lumma 854 (740)
⬆️ #Remcos 652 (524)
⬆️ #Asyncrat 482 (323)
⬆️ #Xworm 467 (415)
⬆️ #Snake 347 (336)
⬇️ #Agenttesla 268 (288)
⬆️ #Amadey 239 (186)
⬆️ #Dcrat 136 (85)
⬆️ #Stealc 136 (82)
⬆️ #Gcleaner 120 (90)
Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=190525

Top 10 last week's threats by uploads 🌐
⬆️ #Lumma 753 (524)
⬆️ #Remcos 556 (130)
⬆️ #Xworm 427 (163)
⬆️ #Asyncrat 349 (165)
⬆️ #Snake 342 (182)
⬆️ #Agenttesla 299 (119)
⬆️ #Amadey 194 (185)
⬇️ #Neconyd 190 (286)
⬆️ #Quasar 114 (74)
⬆️ #Dcrat 87 (74)

👉 Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=120525

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 524 (557)
⬆️ #Tofsee 347 (333)
⬆️ #Neconyd 286 (264)
⬆️ #Amadey 185 (150)
⬇️ #Snake 182 (252)
⬇️ #Asyncrat 165 (285)
⬇️ #Xworm 163 (305)
⬇️ #Remcos 130 (227)
⬆️ #Agenttesla 119 (113)
⬆️ #Stealc 103 (84)

🚀 Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=050525

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 569 (1077)
⬆️ #Tofsee 363 (263)
⬇️ #Xworm 309 (1099)
⬇️ #Asyncrat 290 (395)
⬆️ #Neconyd 283 (169)
⬇️ #Snake 254 (379)
⬇️ #Remcos 232 (566)
⬇️ #Amadey 156 (380)
⬆️ #Formbook 134 (78)
⬇️ #Agenttesla 114 (271)

Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=280425

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 592 (644)
⬇️ #Snake 306 (513)
⬇️ #Xworm 281 (341)
⬇️ #Asyncrat 277 (303)
⬆️ #Tofsee 264 (194)
⬆️ #Remcos 240 (203)
⬇️ #Agenttesla 195 (326)
⬆️ #Neconyd 169 (154)
⬆️ #Amadey 108 (95)
⬆️ #Quasar 91 (82)

Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=210425

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 630 (647)
⬆️ #Tofsee 529 (524)
⬇️ #Xworm 305 (789)
⬇️ #Snake 251 (376)
⬆️ #Neconyd 218 (36)
⬇️ #Asyncrat 165 (377)
⬇️ #Amadey 146 (962)
⬇️ #Remcos 127 (876)
⬇️ #Agenttesla 116 (145)
⬆️ #Quasar 111 (107)

🛡️ Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=140425

Top 10 last week's threats by uploads 🌐
⬇️ #Lumma 630 (647)
⬆️ #Tofsee 529 (524)
⬇️ #Xworm 305 (789)
⬇️ #Snake 251 (376)
⬆️ #Neconyd 218 (36)
⬇️ #Asyncrat 165 (377)
⬇️ #Amadey 146 (962)
⬇️ #Remcos 127 (876)
⬇️ #Agenttesla 116 (145)
⬆️ #Quasar 111 (107)

🛡️ Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=070425

#Cybersecurity #infosec

Top 10 last week's threats by uploads 🌐
⬆️ #Amadey 963 (156)
⬇️ #Remcos 880 (923)
⬇️ #Xworm 792 (967)
⬆️ #Lumma 673 (659)
⬆️ #Tofsee 535 (144)
⬆️ #Snake 403 (326)
⬇️ #Asyncrat 380 (433)
⬇️ #Stealc 157 (171)
⬇️ #Agenttesla 153 (245)
⬇️ #Vidar 151 (178)

🛡️ Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=310325

#Cybersecurity #infosec

Top 10 last week's threats by uploads 🌐
⬆️ #Xworm 983 (391)
⬆️ #Remcos 936 (172)
⬆️ #Lumma 686 (531)
⬆️ #Asyncrat 436 (279)
⬆️ #Snake 346 (315)
⬆️ #Agenttesla 251 (161)
⬇️ #Dcrat 189 (192)
⬆️ #Vidar 184 (59)
⬆️ #Stealc 176 (49)
⬆️ #Amadey 160 (91)

Track them all: https://any.run/malware-trends/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_content=tracker&utm_term=240325

#Cybersecurity #infosec

2025-02-12 (Wed): #VIP_Recovery (an #AgentTesla variant) from Brazil #malspam --> zip attachment --> extracted EXE.

File name: Factura Gastos.exe

Email accounts for data exfiltration: antonipont@grupobdb[.]com --> cludsewe3@gmail[.]com

EXE available at: https://bazaar.abuse.ch/sample/c7620ccaf9c2d47ba08cf85e65e55ea974f8887e18d96574a1aa63f09e836451/

2025-02-07 (Friday): Today's boring example of #malpsam pushing #GuLoader for #AgentTesla style malware. EXE of this malware available at https://bazaar.abuse.ch/sample/833aae0bc34e211145371b619b7c542864e9f864e26de1690fd2f6be76fcb174

2025-01-31 (Friday): Two pcaps with traffic of #AgentTesla-style data exfil.

One #pcap has FTP exfil, while the other pcap is "VIP Recovery" and has SMTP exfil.

Pcaps available at https://www.malware-traffic-analysis.net/2025/01/31/index.html

👾 #Lumma, #AgentTesla, and #AsyncRAT became the top uploaded threats in 2024

Explore the most prevalent #malware types and MITRE ATT&CK techniques in ANYRUN's 2024 Malware Trends Report to stay informed and proactive: https://any.run/cybersecurity-blog/malware-trends-2024/?utm_source=mastodon&utm_medium=post&utm_campaign=malware_families2024&utm_content=linktoblog&utm_term=220125

#cybersecurity #infosec

2025-01-09 (Thursday):

#CVE-2017-0199 Excel (#XLS) file --> #HTA --> #VBS --> #steganography --> #DBatLoader or #GuLoader style malware for #AgentTesla. Data exfil over FTP. A #pcap from an infection, the associated malware, and more info available at www.malware-traffic-analysis.net/2025/01/09/index.html

📢 Campagne #Malware #Italy - Week 52 🚨

☣️👻💣☠️
#Formbook: Ordine
#Lumma: Fake OpenAI
#SnakeKeylogger: Fattura
#Astaroth: Fattura
#AgentTesla: Booking

#mwitaly #CyberSecurity #MalwareAlert

🌐 Campagne #Malware in Italia - Week 49

📞 #APK Bank
🕵️‍♂️ #SpyNote / #Antidot / #Irata / #DroidBot / #SmSSpy
✉️ Email Campaigns
💼 #Formbook: Preventivo
📦 #AgentTesla: Spedizione
📑 #Remcos: Fattura
💰 #GuLoader: Pagamento
🧾 #XWorm: Fattura
🐍 #SnakeKeyLogger: Bonifico
🔖 #Lokibot: Prezzo
©️ #Rhadamanthys: Copyright
📄 #VipKeyLoggerL: Documento

📢 Resta vigile! 🚨

#mwitaly #CyberSecurity #StaySafe

#agenttesla

Client Info