#smokeloader

@theravenfile.bsky.social

3 months ago

🚨Exposing #LOCKBIT 5.0 Server: IP & DOMAIN

IP: 205.185.116.233 🇺🇸
#AS53667

Domain: karma0[.]xyz
Reg: 2 November 2025

💡LockBit Group uses #Smokeloader in their attacks
MD5: e818a9afd55693d556a47002a7b7ef31

#Lockbit5 #Ransomware #Security #Intelligence #OSINT #Databreach

0 0 1 0

piggo

@pigondrugs.bsky.social

6 months ago

SmokeLoader Malware Returns with Version 2025

~Zscaler~
SmokeLoader resurfaces with a new 'v2025' variant, featuring bug fixes and updated evasion techniques following the 'Operation Endgame' takedown.
-
IOCs: (None identified)
-
#Malware #SmokeLoader #ThreatIntel

0 0 0 0

@matricedigitale.bsky.social

7 months ago

Campagna MaaS usa Emmenhtal e Amadey per colpire entità ucraine via GitHub. Talos rivela tattiche e IOC per la mitigazione.

#Amadey #CiscoTalos #Emmenhtal #github #MaaS #SmokeLoader #ucraina
www.matricedigitale.it/2025/07/17/o...

1 0 0 0

ThreatInsight

@threatinsight.proofpoint.com

9 months ago

Operation Endgame - Global Law Enforcement Malware Takedown | Proofpoint US Operation Endgame was a widespread effort to disrupt malware and botnet operations. Learn how global law enforcement collaborated with Proofpoint to succeed.

In May 2024 Operation Endgame took down multiple malware families. Europol called it the “largest ever operation against botnets, which play a major role in the deployment of ransomware.” brnw.ch/21wSRiX

#IcedID #Bumblebee #SystemBC #Pikabot #SmokeLoader

0 0 1 0

piggo

@pigondrugs.bsky.social

10 months ago

Agenda Ransomware Adds SmokeLoader & NETXLOADER

~Trendmicro~
Agenda ransomware group now uses SmokeLoader and a new stealthy loader, NETXLOADER, increasing data theft risk.
-
IOCs: mxblog77[. ]cfd, bloglake7[. ]cfd, mxbook17[. ]cfd
-
#AgendaRansomware #NETXLOADER #SmokeLoader #ThreatIntel

0 0 0 0

Pablo Álvarez Corredera

@cibered.com

11 months ago

Policía detiene a Clientes del Malware Smokeloader y confisca sus Servidores - CIBERNINJAS La Operación Endgame continúa ganando fuerza: esta semana, las autoridades han detenido al menos a cinco individuos vinculados como clientes del botnet

🚨 Policía detiene a Clientes del Malware Smokeloader y confisca sus Servidores ciberninjas.com/policia-deti...

#Malware #Smokeloader #Ciberseguridad #Cibercriminales #Investigación #Confisca #SeguridadCibernética #Hackers

0 0 1 0

Hackread.com

@hackread.bsky.social

11 months ago

Smokeloader Users Identified and Arrested in Operation Endgame Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

🚨 #OperationEndgame - With the operators out of the picture, law enforcement is closing in on Smokeloader botnet’s paying customers across Europe and North America.

Read: hackread.com/smokeloader-...

#CyberSecurity #CyberCrime #Smokeloader #Botnet

4 1 0 0

@matricedigitale.bsky.social

11 months ago

Europol arresta cinque clienti del botnet Smokeloader: database cifrato rivela identità reali. Operazione Endgame colpisce domanda crime-as-a-service.

#botnet #crimeasaservice #cybercrime #database #europol #forensics #OperazioneEndgame #SmokeLoader
www.matricedigitale.it/sicurezza-in...

0 0 0 0

The DefendOps Diaries

@defendopsdiaries.bsky.social

11 months ago

Understanding the Smokeloader Botnet: A Persistent Cyber Threat | The DefendOps Diaries Explore the Smokeloader botnet's impact, adaptability, and law enforcement's efforts to dismantle this persistent cyber threat.

Smokeloader isn’t your everyday malware—it morphs into new threats and slips past defenses with ease. How long before cybercrime’s most elusive tool gets permanently shut down?

#smokeloader
#cybersecurity
#botnet
#malware
#cybercrime

1 1 0 0

GOMOOT

@meneguzzo68.bsky.social

11 months ago

CoffeeLoader: malware che evade le difese sfruttando le GPU CoffeeLoader: il malware che sfrutta le GPU per bypassare soluzioni antivirus avanzate rappresentando una minaccia significativa per la sicurezza informatica.

💡 CoffeeLoader il malware che evade le difese sfruttando la GPU

gomoot.com/coffeeloader...

#blog #coffeeloader #cybersecurity #gpu #malware #news #picks #ransomware #smokeloader #spuware #stack #tech #tecnologia #zscaler

1 0 0 0

キタきつね

@kitafox.bsky.social

11 months ago

CoffeeLoader Malware Loader Linked to SmokeLoader Operations Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security

CoffeeLoader マルウェアローダーが SmokeLoader オペレーションにリンク

CoffeeLoader Malware Loader Linked to SmokeLoader Operations #InfosecurityMagazine (Mar 27)

#CoffeeLoader #SmokeLoader #マルウェア #サイバーセキュリティ #脅威分析

0 0 0 0

Arda Büyükkaya

@whichbufferarda.bsky.social

1 year ago

Attacker compromised email account from mx[.]jurimex[.]ua to deliver phishing email. Email contains malicious URL abuse infrastructure from drive[.]legalaid[.]gov[.]ua, owned by Ukraine's Coordination Centre for Legal Aid Provision that was abused to deliver RAR file contains #SmokeLoader malware.

0 0 1 0

Arda Büyükkaya

@whichbufferarda.bsky.social

1 year ago

🚨 Targeted #phishing attacks on Ukrainian 🇺🇦 gov! Emails from moulmg@meta[.]ua & info@betta[.]com[.]ua deliver malicious 7ZIP files exploiting CVE-2025-0411 to drop #SmokeLoader. Notably, the meta[.]ua mail service has been previously abused by #APT28 (GRU) for #cyber operations.

1 0 1 0

The DefendOps Diaries

@defendopsdiaries.bsky.social

1 year ago

7-Zip MoTW Bypass Exploited in Zero-Day Attacks Against Ukraine: A Comprehensive Analysis | The DefendOps Diaries Explore the 7-Zip vulnerability exploited in zero-day attacks against Ukraine, highlighting the CVE-2025-0411 flaw and its implications.

7-Zip MoTW Bypass Exploited in Zero-Day Attacks Against Ukraine: A Comprehensive Analysis

thedefendopsdiaries.com/7-zip-motw-b...

#7zip
#zeroday
#cybersecurity
#ukraine
#motwbypass
#smokeloader
#cve20250411
#cyberattacks
#infosec

0 0 0 0

キタきつね

@kitafox.bsky.social

1 year ago

How attackers abuse S3 Bucket Namesquatting — And How to Stop Them AWS S3 bucket names are global with predictable names that can be exploited in "S3 bucket namesquatting" attacks to access or hijack S3 buckets. In this article, Varonis explains how these attacks…

攻撃者が S3 バケットネームスクワッティングを悪用する方法とそれを阻止する方法

How attackers abuse S3 Bucket Namesquatting — And How to Stop Them #BleepingComputer (Feb 5)

#SmokeLoader #7Zip脆弱性 #CVE20250411 #サイバースパイ #ウクライナ攻撃

0 0 0 0

SOC Prime

@socprime.com

1 year ago

CVE-2025-0411 Detection: russian Cybercrime Groups Rely on Zero-Day Vulnerability in 7-Zip to Target Ukrainian Organizations - SOC Prime Detect CVE-2025-0411 exploitation attempts, 7-Zip zero-day vulnerability used in a SmokeLoader campaign against Ukraine, with Sigma rules from SOC Prime.

CVE-2025-0411, a zero-day #vulnerability in 7-Zip is actively exploited by russian adversaries to target Ukraine in a #SmokeLoader campaign involving homoglyph attacks. Detect exploitation attempts using a set of #Sigma rules from SOC Prime Platform.
https://buff.ly/3EmgSht

2 1 0 0

キタきつね

@kitafox.bsky.social

1 year ago

7-Zip MotW bypass exploited in zero-day attacks against Ukraine A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024.

7-Zip MotW バイパスがウクライナへのゼロデイ攻撃で悪用される

7-Zip MotW bypass exploited in zero-day attacks against Ukraine #BleepingComputer (Feb 4)

#7-Zip脆弱性 #MotW回避 #ゼロデイ攻撃 #SmokeLoader #サイバーセキュリティ

0 0 0 0

ESET Research

@esetresearch.bsky.social

1 year ago

Chart showing malware families using AceCryptor

As for the malware families packed by the cryptor, we could yet again see the usual suspects such as #Rescoms, #Smokeloader, and #Stealc among the most delivered threats. 3/7

1 0 1 0

Rene Robichaud

@neroqc.bsky.social

1 year ago

SmokeLoader use d'anciens bugs Office pour mieux voler des données - Le Monde Informatique Le chargeur de malware modulaire bien connu SmokeLoader exploite deux anciennes failles de la suite Office de Microsoft pour déployer des plugins...

SmokeLoader use d'anciens bugs Office pour mieux voler des données
www.lemondeinformatique.fr/actualites/l...

#Infosec #Security #Cybersecurity #CeptBiro #SmokeLoader #Office #VolerDesDonnees

1 0 0 0

Nicolas Caproni

@caproni.fr

1 year ago

SmokeLoader Attack Targets Companies in Taiwan | FortiGuard Labs FortiGuard Labs has uncovered an attack targeting companies in Taiwan with SmokeLoader, which performs its attack with plugins this time. Learn more.…

#SmokeLoader Attack Targets Companies in Taiwan | FortiGuard Labs

1 0 0 0

MalWhere?

@malwhere.bsky.social

1 year ago

6/ Fortinet warns: "SmokeLoader uses plugins for attacks instead of downloading final-stage files." Analysts must remain cautious—even familiar malware like this can evolve, becoming a bigger threat.

#CyberSecurity #SmokeLoader #Taiwan #AI

0 0 0 0

Hackread.com

@hackread.bsky.social

1 year ago

SmokeLoader Malware Exploits MS Office Flaws to Steal Browser Data Follow us on Bluesky, Twitter (X) and Facebook at @Hackread

🚨 SmokeLoader malware is back, now more advanced and dangerous, with enhanced tools to steal harvast credentials - The malware was spotted targeting industries in #Taiwan 💻🔒

Read: hackread.com/smokeloader-...

#CyberSecurity #SmokeLoader #Malware #Taiwan