Malware News
15.1K subscribers
1.63K photos
7 videos
130 files
7.97K links
The latest NEWS about malwares, DFIR, hacking, security issues, thoughts and ...

Partner channel: @cveNotify

For ads: https://telega.io/c/malwr
Download Telegram
Process Monitor for Linux (Preview)
Process Monitor (Procmon) is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscall activity on the system.


https://github.com/microsoft/ProcMon-for-Linux

https://i.redd.it/d8qkly8c9hb51.gif
๐Ÿ—ฃr00tsuz


๐ŸŽ–@malwr
What was the Bitcoin Twitter hack?
The Bitcoin scam saw dozens of high-profile accounts send tweets urging users to transfer $1,000 (ยฃ794) with a link to a Bitcoin address.

In return, users were promised that their money would be doubled to $2,000 and returned to them.
Bitcoin, often termed as a cryptocurrency, a virtual currency or a digital currency, is a type of money that is completely virtual.
The hackers tweeted the same Bitcoin address across multiple Twitter accounts, with only minor variations to the wording of each tweet, such as saying they felt โ€œgenerousโ€ or wanted to โ€œgive backโ€.

A tweet on the account of Microsoft founder Bill Gates, for example, read: "Everyone is asking me to give backโ€ฆ You send $1,000, I send you back $2,000."

As Twitter bosses scrambled to stop the far-reaching hack, extraordinarily by 20:30 EDT (00:30 GMT Thursday) every verified account was blocked from tweeting for around three hours.
๐Ÿ—ฃIncognito1805G

Who was targeted?


A lot of people, with millions and millions of followers, most of them US-based.

Billionaires Elon Musk, Jeff Bezos and Bill Gates, to name a few, along with Warren Buffett, Kanye West, Kim Kardashian, Joe Biden, Wiz Khalifa and Floyd Mayweather.


Top global corporations with millions of followers were also breached, including the official accounts of Apple and Uber.

The hacker(s) appears to have targeted very famous accounts that would spread the scam as far as possible in as short a timeframe as possible, dubbed a digital โ€œsmash and grabโ€ by some commentators.


Given the amount of access they managed to gain, the hackers could have done much more damage to the reputations of the figures involved. However, they would have known the tweets would have been deleted hastily - and they were - so gaining quick cash seems to have been the overriding aim.


That said, the Bitcoin tweets on some accounts, such as Kim Kardashian's, stayed up for more than an hour and we donโ€™t know yet how much private information the hackers managed to steal.

As of yet, itโ€™s unclear who was responsible, however, sources close to or inside the hacking community told VICE that a Twitter insider was responsible, with one saying they paid the insider. These reports are unconfirmed.


What has Twitter said in response to the security breach?

The attention has quickly turned to Twitter, given it seems likely that the hackers breached the firmโ€™s central security systems, essentially giving them admin rights to go after any account they wanted.
๐Ÿ‘คIncognito1805G


๐ŸŽ–@malwr
CAPA - FireEye
๐Ÿ—ฃdeadbroccoli

>CAPA detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the file is a backdoor, is capable of installing services, or relies on HTTP to communicate.
๐Ÿ‘คdeadbroccoli


๐ŸŽ–@malwr
serpentine - Windows RAT (Remote Administration Tool) with a multiplatform RESTful C2 server
๐Ÿ—ฃjafarlihi

It's great that the client is in C++, but the Java server is a deal breaker.
๐Ÿ‘คPhisherPrice

I always knew RAT as โ€œRemote Access Trojanโ€
๐Ÿ‘คWiamly


๐ŸŽ–@malwr