#seopoisoning

Pyrzout
Fake DeepSeek AI Installers, Websites, and Apps Spreading Malware https://hackread.com/fake-deepseek-ai-installers-websites-apps-malware/
#ArtificialIntelligence #ScamsandFraud #Cybersecurity #SEOPoisoning #DeepSeekR1 #Security #DeepSeek #Malware #Chatbot #Fraud #Scam #AI

Juan Lobo
Please spread as widely as you can among the people you know the message that they should never copy anything from the browser after pressing Windows + R because a pop-up tells them to. No. Bad. Windows + R and then Control + V, no: you are running a malicious PowerShell command.

This business of loaders using Click-Fix is becoming a problem; this attack vector is spreading like wildfire. I think criminal groups didn't get into this earlier because it is hard to get in this way: you need the user's active complicity. How could it be a good idea to tell people "hey, open the Run dialog, paste this command I'm giving you and hit Enter to run it on your machine"? It's not like the easy trick of a phishing click. But hey, who would have guessed that everyone follows the instructions and runs it.

We are seeing a wave of this technique, incredible as it may seem.

#ciberseguridad #seopoisoning #clickfix
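
Added example (not part of Juan Lobo's post): a Python triage of Run-dialog history for the Windows + R paste pattern the post above describes. It assumes the history was exported from the `RunMRU` registry key into a dict; the sample entries, the `triage` function and the indicator list are constructed for illustration.

```python
import re

# Constructed export of HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU.
# Windows stores each Run-dialog entry with a trailing "\1"; MRUList gives the
# order, most recent first. None of these values come from the post.
SAMPLE_RUNMRU = {
    "MRUList": "edcba",
    "a": r"cmd\1",
    "b": r"\\fileserver\share\1",
    "c": r"powershell -ExecutionPolicy Bypass -File C:\Scripts\backup.ps1\1",
    "d": r"powershell -w hidden -enc <constructed-base64-placeholder>\1",
    "e": r"pwsh -NoProfile -Command <constructed-placeholder> https://example.invalid/fix\1",
}

# PowerShell as a whole word, so "WindowsPowerShell" in a path is not the match.
PS = re.compile(r"(?<![\w-])(?:powershell|pwsh)(?:\.exe)?(?![\w-])", re.I)
# Heuristics chosen for this example; PowerShell accepts abbreviated switches.
INDICATORS = {
    "hidden window": re.compile(r"(?<![\w-])-w\w*\s+h\w*", re.I),
    "encoded command": re.compile(r"(?<![\w-])-e(?:c|nc\w*)?\s+\S", re.I),
    "remote URL": re.compile(r"https?://", re.I),
}

def entries_in_order(runmru):
    """Yield (value name, command) most recent first, suffix removed."""
    order = runmru.get("MRUList", "")
    rest = sorted(k for k in runmru if k != "MRUList" and k not in order)
    for name in list(order) + rest:
        value = runmru.get(name)
        if value is not None:
            yield name, value[:-2] if value.endswith("\\1") else value

def triage(runmru):
    """Return [(value name, [reasons])] for PowerShell entries worth reviewing."""
    findings = []
    for name, cmd in entries_in_order(runmru):
        match = PS.search(cmd)
        if not match:
            continue
        args = cmd[match.end():]
        reasons = [label for label, rx in INDICATORS.items() if rx.search(args)]
        if reasons:
            findings.append((name, reasons))
    return findings

if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_RUNMRU):
        print(name, ", ".join(reasons))
```

A bare `powershell` entry and the script-file invocation in entry `c` are left alone; only entries carrying one of the listed indicators are returned for review.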

OTX Bot
SIEM agent being used in SilentCryptoMiner attacks

A global malware campaign targeting mainly Russian-speaking users has been distributing cryptocurrency mining malware through fake software download sites, Telegram channels, and YouTube videos. The multi-stage infection chain uses unusual techniques for persistence and evasion, including hiding malicious payloads in legitimate file signatures and abusing the Wazuh SIEM agent as a backdoor. The final payload injects the SilentCryptoMiner into explorer.exe to mine cryptocurrencies like Monero. The attackers use SEO poisoning, social engineering, and multiple persistence mechanisms to maintain access. While primarily focused on cryptomining, some variants can also steal cryptocurrency wallet addresses and take screenshots.

Pulse ID: 6703a4b33a02dffbd52f2427
Pulse Link: https://otx.alienvault.com/pulse/6703a4b33a02dffbd52f2427
Pulse Author: AlienVault
Created: 2024-10-07 09:06:59

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CryptoMiner #CryptoMining #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #Russia #SEOPoisoning #SMS #SocialEngineering #Telegram #YouTube #bot #cryptocurrency #AlienVault

Randy
Anybody have some thoughts on how to chase down all the SEO poison sites I'm seeing associated with this campaign? I'm easily seeing dozens, but suspect it's hundreds if not thousands.

There's two things I know so far. They're all using .de for the TLD and their title is empty. The google search I'm using is this.

powerlifting meets maryland site:.de title:""

#SEOPoisoning #ThreatHunting

Randy
Hey! They got a new graphic for the fake captcha notification allow page. At least the first I've noticed it. I guess I got tired of seeing that same old robot every time.

This SEO poisoned site even has a handy sitemap. The compromised site appears to have a number of different poisoned page sets each with their own sitemap. But surprisingly not very much shows up in a site: search in google.

bettysarmy[.]com
sortyellowapples[.]com
firstblackphase[.]com
haxbyq[.]com
shbzek[.]com
ulmoyc[.]com
sizepigwed[.]live

#ThreatIntel #SEOPoisoning