Over 2,000 Holiday-Themed Fake Stores Detected Exploiting Black Friday and Festive Sales

Two clusters of holiday-themed fake online stores have been identified ahead of Black Friday and other festive sales. The first cluster includes over 750 interconnected sites using uniform holiday banners and misleading trust indicators, many impersonating Amazon. The second cluster spans a .shop ecosystem with domains mimicking well-known consumer brands. These fake stores use identical phishing kits, fake urgency tactics, and shell checkout pages to capture sensitive financial information from victims. The scams exploit the holiday shopping season when consumers are actively searching for steep discounts. The fraudulent sites are likely to activate during peak shopping periods to maximize victim traffic and transaction volume, posing significant risks to unsuspecting shoppers.

Pulse ID: 6928a0ca4226eefa5410be43
Pulse Link: https://otx.alienvault.com/pulse/6928a0ca4226eefa5410be43
Pulse Author: AlienVault
Created: 2025-11-27 19:04:42

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Amazon #CyberSecurity #Holiday #ICS #InfoSec #Mimic #OTX #OpenThreatExchange #Phishing #Rust #bot #AlienVault

Inside DPRK's Fake Job Platform Targeting U.S. AI Talent

This analysis details a sophisticated DPRK-linked operation called Contagious Interview, which uses a fake job platform to target U.S. AI talent. The campaign mimics legitimate recruitment processes, offering job listings from well-known tech companies to lure victims. The platform, hosted at lenvny[.]com, is designed to appear as a legitimate AI-powered interview tool. It employs various techniques to establish credibility, including professional design, fake testimonials, and comparisons with real companies. The attack culminates in a malware delivery through a clipboard hijacking technique, triggered when victims attempt to record a video introduction. This operation specifically targets high-value professionals in AI and cryptocurrency sectors, aiming to gain access to strategic information and financial assets.

Pulse ID: 6926d16a60c2447d2c490745
Pulse Link: https://otx.alienvault.com/pulse/6926d16a60c2447d2c490745
Pulse Author: AlienVault
Created: 2025-11-26 10:07:38

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Clipboard #CyberSecurity #DPRK #ICS #InfoSec #Malware #Mimic #OTX #OpenThreatExchange #RAT #bot #cryptocurrency #AlienVault

Cooking up trouble: How TamperedChef uses signed apps to deliver stealthy payloads

The TamperedChef campaign is a global malvertising and SEO operation that distributes seemingly legitimate software with valid code signing to trick users into executing malicious installers. These fake applications mimic common software and establish persistence through scheduled tasks, delivering obfuscated JavaScript payloads for remote access. The campaign uses a network of U.S.-registered shell companies to acquire and rotate code-signing certificates, maintaining trust exploitation. Victims are primarily in the Americas, with a focus on healthcare, construction, and manufacturing industries. The campaign's infrastructure is designed for quick rebuilding after takedowns, using short-term domain registrations and certificate rotations. The attackers' motivations may include selling initial access, credential theft, ransomware staging, or opportunistic espionage.

Pulse ID: 6926b00a12a427dc4d783af7
Pulse Link: https://otx.alienvault.com/pulse/6926b00a12a427dc4d783af7
Pulse Author: AlienVault
Created: 2025-11-26 07:45:14

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Americas #CyberSecurity #Espionage #Healthcare #InfoSec #Java #JavaScript #Malvertising #Manufacturing #Mimic #OTX #OpenThreatExchange #RAT #RansomWare #Rust #bot #AlienVault

Digital Doppelgangers: Anatomy of Evolving Impersonation Campaigns Distributing Gh0st RAT

This report details two interconnected malware campaigns targeting Chinese-speaking users in 2025, using large-scale brand impersonation to deliver Gh0st RAT variants. The first campaign, active from February to March, mimicked three brands across over 2,000 domains. The second campaign, starting in May, impersonated over 40 applications with more sophisticated infection chains. Both campaigns used cloud infrastructure for payload delivery and DLL side-loading for evasion. The adversary demonstrated an evolving operational playbook, advancing from simple droppers to complex multi-stage infections. The campaigns' infrastructure remained active for months, indicating a persistent and well-resourced threat actor focused on Chinese-speaking targets globally.

Pulse ID: 6918168f887ca57be0147adb
Pulse Link: https://otx.alienvault.com/pulse/6918168f887ca57be0147adb
Pulse Author: AlienVault
Created: 2025-11-15 05:58:39

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Chinese #Cloud #CyberSecurity #Doppelganger #InfoSec #Malware #Mimic #NATO #OTX #OpenThreatExchange #RAT #RCE #bot #AlienVault

Inaugural Contenders Hall Of Fame Award Recipient Guillermo del Toro Says Working With Weinstein Brothers Was Worse Than Having Father Taken Hostage – Contenders Los Angeles
#News #Awardsnews #BobWeinstein #ContendersHallofFameAward #ContendersLosAngeles #Frankenstein #GuillermoDelToro #HarveyWeinstein #Mimic #Netflix #Novid

https://deadline.com/2025/11/guillermo-del-toro-weinstein-brothers-mimic-1236618627/

Prepped for tomorrow's tattoos :> doing two, but it's good to have size options ready!

#tattoo #tattoodesign #mimic #pokemon #chandelure #art #mastoart #CreativeToots #fediart #cute

New Phishing Campaign Uses Email Spoofing to Steal Login Credentials

Spoofs email delivery notices to mimic legitimate internal spam-filter alerts
exploiting trust in an organization’s security systems.

Pulse ID: 691629b38b076dcba9b71498
Pulse Link: https://otx.alienvault.com/pulse/691629b38b076dcba9b71498
Pulse Author: cryptocti
Created: 2025-11-13 18:55:47

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Email #InfoSec #Mimic #OTX #OpenThreatExchange #Phishing #Rust #Spam #bot #cryptocti

"Oh no, Mimics again?!!"

One week ago, our definitely-human Chest E. Cognito attended Voyeuristic Intention's screening of "The Rocky Horror Picture Show" at the CWRU Film Society cosplaying everyone's favorite dinner guest Eddie! Chesty was even one of Frank's Choice costume contest winners!

Visiting this shadowcast was a blast as VI was instrumental in the foundation of The Confused Greenies 19 years ago.

#CommediaDellArte #Commedia #Improv #Improvisation #Theater #Mimic #DnD #DungeonsAndDragons #RockyHorror #RockyHorrorPictureShow #RHPS #CWRU #CaseWesternReserveUniversity #CaseWesternReserve #CWRUFilmSociety #Meatloaf #Halloween #Costume #Cosplay

"Oh no, Mimics again?!!"

One week ago, our definitely-human Chest E. Cognito attended Voyeuristic Intention's screening of "The Rocky Horror Picture Show" at the CWRU Film Society cosplaying everyone's favorite dinner guest Eddie! Chesty was even one of Frank's Choice costume contest winners!

Visiting this shadowcast was a blast as VI was instrumental in the foundation of The Confused Greenies 19 years ago.

#CommediaDellArte #Commedia #Improv #Improvisation #Theater #Mimic #DnD #DungeonsAndDragons #RockyHorror #RockyHorrorPictureShow #RHPS #CWRU #CaseWesternReserveUniversity #CaseWesternReserve #CWRUFilmSociety #Meatloaf

13 𝑫𝙖𝒚𝙨 𝙤𝒇 𝑯𝙖𝒍𝙡𝒐𝙬𝒆𝙚𝒏: "𝙈𝒊𝙢𝒊𝙘" (1997) 𝙈𝒐𝙫𝒊𝙚 𝙍𝒆𝙫𝒊𝙚𝒘

2025 Theme: Decades of Horror
Director: Guillermo del Toro

#moviereview #halloween #horror #horrormovie #13DaysOfHalloween #mimic #monsterhorror #insects #GuillermodelToro

First steps in my new #dungeon 🧙🏻‍♀️
War so klar das ich als erstes Monster die #mimic erwische 😆

#DieInADungeon #dungenerator #rollinkunz

#brettspiele #boardgames #sologames #sologamer #brettspielliebe #dungeoncrawler

@brettspiele

Suggestion art, of an apple mimic.
#apple #creature #creaturedesign #creaturedesign #fruit #traditionalart #traditionalart #spider #arachnid #arachnoid #mimic #mimicry #insectoid #originalart #original #art

Day 14 - #Trunk - I decided to start drawing with a quill dipping pen and inkpot for this challenge.

or #Mimic

#inktober2025trunk #inktober2025day14 #illustration #art #Inktober #inktober2025

#happybirthday #felizcumpleanos @realGDT #guillermodeltoro #director #frankenstein #Pinocchio #CabinetofCuriosities #NightmareAlley #theshapeofwater #hellboy #TheGoldenArmy #panslabyrinth #crimsonpeak #thebookoflife #pacificrim #blade2 #mimic #dontbeafraidtothedark #cronos #TheStrain #Trollhunters #TalesofArcadia #wizards #RiseoftheTitans

Illustration of an ant-mimic bug (Myrmecoris gracilis) 🪲
-
#scientificillustration #zoology #biology #insect #animal #boardgame #insectarium #menagerie #cardgameart #sciart #bug #antmimic #mimic #ant

#DDnD number 5. Still catching up. This one is dedicated to the time when all the tables in the dungeon library tried to eat us. It is the #mimic
It's one I think I would be more comfortable doing in ink, but I've decided to stick to pencil for now. I might revisit some of these and redraw them with pen or ink.
#pencildrawing