mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

Server stats:

8.8K
active users

#AsyncRAT

1 post1 participant0 posts today
OTX Bot<p>Reborn in Rust: Attempt to thwart malware analysis</p><p>AsyncRAT, a remote access trojan known since 2019, has been rewritten in Rust, marking a shift from its original C# implementation. This change aims to complicate reverse engineering efforts due to limited analysis tool support for Rust. The malware retains its core functionality, including plugin installation, code execution, and persistence. It installs via scheduled tasks or temporary directory copying, stores plugins in the registry, and communicates with command and control servers over TLS. The Rust variant supports fewer commands compared to its .NET counterpart, suggesting ongoing development. The malware collects system information, including hardware ID, OS details, and antivirus software presence. Debug strings in the samples indicate active development of this Rust version.</p><p>Pulse ID: 68346595ae982472dd23e2a0<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/68346595ae982472dd23e2a0" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/68346</span><span class="invisible">595ae982472dd23e2a0</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-05-26 12:59:01</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/NET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NET</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RAT</span></a> <a href="https://social.raytec.co/tags/RemoteAccessTrojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RemoteAccessTrojan</span></a> <a href="https://social.raytec.co/tags/Rust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rust</span></a> <a href="https://social.raytec.co/tags/TLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLS</span></a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Trojan</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
OTX Bot<p>RAT Dropped By Two Layers of AutoIT Code</p><p>A malware attack involving multiple layers of AutoIT code has been discovered. The initial file, disguised as a project file, contains AutoIT script that generates and executes a PowerShell script. This script downloads an AutoIT interpreter and another layer of AutoIT code. Persistence is achieved through a startup shortcut. The second layer of AutoIT code is heavily obfuscated and ultimately spawns a process injected with the final malware, likely AsyncRAT or PureHVNC. The attack utilizes various techniques including file downloads, script execution, and process injection to deliver and maintain the malicious payload.</p><p>Pulse ID: 682afb96260a8200f94a1698<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/682afb96260a8200f94a1698" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/682af</span><span class="invisible">b96260a8200f94a1698</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-05-19 09:36:22</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a> <a href="https://social.raytec.co/tags/Autoit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Autoit</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/PowerShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PowerShell</span></a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RAT</span></a> <a href="https://social.raytec.co/tags/ScriptExecution" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ScriptExecution</span></a> <a href="https://social.raytec.co/tags/VNC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VNC</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/hVNC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hVNC</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
ANY.RUN<p>Top 10 last week's threats by uploads 🌐<br>⬆️ <a href="https://infosec.exchange/tags/Lumma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lumma</span></a> 854 (740)<br>⬆️ <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Remcos</span></a> 652 (524)<br>⬆️ <a href="https://infosec.exchange/tags/Asyncrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Asyncrat</span></a> 482 (323)<br>⬆️ <a href="https://infosec.exchange/tags/Xworm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Xworm</span></a> 467 (415)<br>⬆️ <a href="https://infosec.exchange/tags/Snake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Snake</span></a> 347 (336)<br>⬇️ <a href="https://infosec.exchange/tags/Agenttesla" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Agenttesla</span></a> 268 (288)<br>⬆️ <a href="https://infosec.exchange/tags/Amadey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Amadey</span></a> 239 (186)<br>⬆️ <a href="https://infosec.exchange/tags/Dcrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dcrat</span></a> 136 (85)<br>⬆️ <a href="https://infosec.exchange/tags/Stealc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Stealc</span></a> 136 (82)<br>⬆️ <a href="https://infosec.exchange/tags/Gcleaner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Gcleaner</span></a> 120 (90)<br>Track them all: <a href="https://any.run/malware-trends/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=190525" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">any.run/malware-trends/?utm_so</span><span class="invisible">urce=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=190525</span></a></p>
ANY.RUN<p>Top 10 last week's threats by uploads 🌐<br>⬆️ <a href="https://infosec.exchange/tags/Lumma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lumma</span></a> 753 (524)<br>⬆️ <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Remcos</span></a> 556 (130)<br>⬆️ <a href="https://infosec.exchange/tags/Xworm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Xworm</span></a> 427 (163)<br>⬆️ <a href="https://infosec.exchange/tags/Asyncrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Asyncrat</span></a> 349 (165)<br>⬆️ <a href="https://infosec.exchange/tags/Snake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Snake</span></a> 342 (182)<br>⬆️ <a href="https://infosec.exchange/tags/Agenttesla" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Agenttesla</span></a> 299 (119)<br>⬆️ <a href="https://infosec.exchange/tags/Amadey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Amadey</span></a> 194 (185)<br>⬇️ <a href="https://infosec.exchange/tags/Neconyd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Neconyd</span></a> 190 (286)<br>⬆️ <a href="https://infosec.exchange/tags/Quasar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Quasar</span></a> 114 (74)<br>⬆️ <a href="https://infosec.exchange/tags/Dcrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dcrat</span></a> 87 (74)</p><p>👉 Track them all: <a href="https://any.run/malware-trends/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=120525" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">any.run/malware-trends/?utm_so</span><span class="invisible">urce=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=120525</span></a></p>
2rZiKKbOU3nTafniR2qMMSE0gwZDistribution of PebbleDash Malware in March 2025 PebbleDash is a backdoor malware that was previo...<br><br><a href="https://asec.ahnlab.com/en/87621/" rel="nofollow noopener noreferrer" target="_blank">https://asec.ahnlab.com/en/87621/</a><br><br><a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/APT" target="_blank">#APT</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Malware" target="_blank">#Malware</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Public" target="_blank">#Public</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/AsyncRAT" target="_blank">#AsyncRAT</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/PebbleDash" target="_blank">#PebbleDash</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/RDP" target="_blank">#RDP</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Root" target="_blank">#Root</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/SpearPhishing" target="_blank">#SpearPhishing</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/termsrv.dll" target="_blank">#termsrv.dll</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/UACBypass" target="_blank">#UACBypass</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/UACMe" target="_blank">#UACMe</a><br><br><a href="https://awakari.com/pub-msg.html?id=FF5T03Elrr2fWCi3Bjgxm7qRtL6&amp;interestId=2rZiKKbOU3nTafniR2qMMSE0gwZ" rel="nofollow noopener noreferrer" target="_blank">Result Details</a>
Sekoia.io<p>Our new report describes one of the latest observed infection chains (delivering <a href="https://infosec.exchange/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a>) relying on the <a href="https://infosec.exchange/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cloudflare</span></a> tunnel infrastructure and the attacker’s <a href="https://infosec.exchange/tags/TTPs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TTPs</span></a> with a principal focus on detection opportunities. </p><p><a href="https://blog.sekoia.io/detecting-multi-stage-infection-chains-madness/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.sekoia.io/detecting-multi</span><span class="invisible">-stage-infection-chains-madness/</span></a></p>
Pyrzout :vm:<p>Booking.com Phishing Scam Uses Fake CAPTCHA to Install AsyncRAT – Source:hackread.com <a href="https://ciso2ciso.com/booking-com-phishing-scam-uses-fake-captcha-to-install-asyncrat-sourcehackread-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/booking-com-phis</span><span class="invisible">hing-scam-uses-fake-captcha-to-install-asyncrat-sourcehackread-com/</span></a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1CyberSecurityNewsPost</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/PhishingScam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhishingScam</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/0CISO2CISO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>0CISO2CISO</span></a> <a href="https://social.skynetcloud.site/tags/Bookingcom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bookingcom</span></a> <a href="https://social.skynetcloud.site/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hackread</span></a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.skynetcloud.site/tags/Captcha" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Captcha</span></a> <a href="https://social.skynetcloud.site/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://social.skynetcloud.site/tags/Fraud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fraud</span></a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a></p>
Pyrzout :vm:<p>Booking.com Phishing Scam Uses Fake CAPTCHA to Install AsyncRAT <a href="https://hackread.com/booking-com-phishing-scam-fake-captcha-asyncrat/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/booking-com-phish</span><span class="invisible">ing-scam-fake-captcha-asyncrat/</span></a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/PhishingScam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PhishingScam</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/Bookingcom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bookingcom</span></a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.skynetcloud.site/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a> <a href="https://social.skynetcloud.site/tags/Captcha" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Captcha</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/Fraud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fraud</span></a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a></p>
Hackread.com<p>Watch Out!🚨 New phishing scam targets hotel staff with fake <a href="https://mstdn.social/tags/Booking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Booking</span></a>.com emails. A fake CAPTCHA leads to AsyncRAT malware via a Windows Run trick.</p><p>Read more: <a href="https://hackread.com/booking-com-phishing-scam-fake-captcha-asyncrat/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/booking-com-phish</span><span class="invisible">ing-scam-fake-captcha-asyncrat/</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a> <a href="https://mstdn.social/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://mstdn.social/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a></p>
ANY.RUN<p>Top 10 last week's threats by uploads 🌐<br>⬇️ <a href="https://infosec.exchange/tags/Lumma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lumma</span></a> 630 (647)<br>⬆️ <a href="https://infosec.exchange/tags/Tofsee" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tofsee</span></a> 529 (524)<br>⬇️ <a href="https://infosec.exchange/tags/Xworm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Xworm</span></a> 305 (789)<br>⬇️ <a href="https://infosec.exchange/tags/Snake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Snake</span></a> 251 (376)<br>⬆️ <a href="https://infosec.exchange/tags/Neconyd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Neconyd</span></a> 218 (36)<br>⬇️ <a href="https://infosec.exchange/tags/Asyncrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Asyncrat</span></a> 165 (377)<br>⬇️ <a href="https://infosec.exchange/tags/Amadey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Amadey</span></a> 146 (962)<br>⬇️ <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Remcos</span></a> 127 (876)<br>⬇️ <a href="https://infosec.exchange/tags/Agenttesla" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Agenttesla</span></a> 116 (145)<br>⬆️ <a href="https://infosec.exchange/tags/Quasar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Quasar</span></a> 111 (107)</p><p>🛡️ Track them all: <a href="https://any.run/malware-trends/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=070425" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">any.run/malware-trends/?utm_so</span><span class="invisible">urce=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=070425</span></a></p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p>
ANY.RUN<p>Top 10 last week's threats by uploads 🌐<br>⬆️ <a href="https://infosec.exchange/tags/Amadey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Amadey</span></a> 963 (156)<br>⬇️ <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Remcos</span></a> 880 (923)<br>⬇️ <a href="https://infosec.exchange/tags/Xworm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Xworm</span></a> 792 (967)<br>⬆️ <a href="https://infosec.exchange/tags/Lumma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lumma</span></a> 673 (659)<br>⬆️ <a href="https://infosec.exchange/tags/Tofsee" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tofsee</span></a> 535 (144)<br>⬆️ <a href="https://infosec.exchange/tags/Snake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Snake</span></a> 403 (326)<br>⬇️ <a href="https://infosec.exchange/tags/Asyncrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Asyncrat</span></a> 380 (433)<br>⬇️ <a href="https://infosec.exchange/tags/Stealc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Stealc</span></a> 157 (171)<br>⬇️ <a href="https://infosec.exchange/tags/Agenttesla" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Agenttesla</span></a> 153 (245)<br>⬇️ <a href="https://infosec.exchange/tags/Vidar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vidar</span></a> 151 (178)</p><p>🛡️ Track them all: <a href="https://any.run/malware-trends/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=310325" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">any.run/malware-trends/?utm_so</span><span class="invisible">urce=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=310325</span></a></p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p>
ANY.RUN<p>Top 10 last week's threats by uploads 🌐<br>⬆️ <a href="https://infosec.exchange/tags/Xworm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Xworm</span></a> 983 (391)<br>⬆️ <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Remcos</span></a> 936 (172)<br>⬆️ <a href="https://infosec.exchange/tags/Lumma" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Lumma</span></a> 686 (531)<br>⬆️ <a href="https://infosec.exchange/tags/Asyncrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Asyncrat</span></a> 436 (279)<br>⬆️ <a href="https://infosec.exchange/tags/Snake" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Snake</span></a> 346 (315)<br>⬆️ <a href="https://infosec.exchange/tags/Agenttesla" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Agenttesla</span></a> 251 (161)<br>⬇️ <a href="https://infosec.exchange/tags/Dcrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dcrat</span></a> 189 (192)<br>⬆️ <a href="https://infosec.exchange/tags/Vidar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vidar</span></a> 184 (59)<br>⬆️ <a href="https://infosec.exchange/tags/Stealc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Stealc</span></a> 176 (49)<br>⬆️ <a href="https://infosec.exchange/tags/Amadey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Amadey</span></a> 160 (91)</p><p>Track them all: <a href="https://any.run/malware-trends/?utm_source=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=240325" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">any.run/malware-trends/?utm_so</span><span class="invisible">urce=mastodon&amp;utm_medium=post&amp;utm_campaign=top_ten&amp;utm_content=tracker&amp;utm_term=240325</span></a></p><p><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p>
ESET Research<p><a href="https://infosec.exchange/tags/ESETresearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ESETresearch</span></a> has uncovered the <a href="https://infosec.exchange/tags/MirrorFace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MirrorFace</span></a> Operation AkaiRyū, which extends the group’s usual focus beyond Japan into Europe. The initial lure centered around Expo 2025 in Japan, compromising a Central European diplomatic institute. <br><a href="https://www.welivesecurity.com/en/eset-research/operation-akairyu-mirrorface-invites-europe-expo-2025-revives-anel-backdoor/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">welivesecurity.com/en/eset-res</span><span class="invisible">earch/operation-akairyu-mirrorface-invites-europe-expo-2025-revives-anel-backdoor/</span></a></p><p>Surprisingly, <a href="https://infosec.exchange/tags/MirrorFace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MirrorFace</span></a> used <a href="https://infosec.exchange/tags/ANEL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANEL</span></a> – a backdoor historically linked only to <a href="https://infosec.exchange/tags/APT10" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>APT10</span></a> – highlighting a shift in the group’s tactics and reinforcing suspicions that MirrorFace could be part of the APT10 umbrella.<br>Operation AkaiRyū began with targeted spearphishing emails referencing the victim’s past correspondence and Expo 2025 , persuading recipients to download malicious attachments. <br>Once the files were opened, a layered compromise chain ensued . Collaborating with the victim allowed us to perform in-depth analysis, shedding light on MirrorFace’s post-compromise behavior – from credential harvesting to dropping additional tools for lateral movement. </p><p><a href="https://infosec.exchange/tags/MirrorFace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MirrorFace</span></a> used an intricate execution chain to stealthily run a highly tweaked <a href="https://infosec.exchange/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a> within <a href="https://infosec.exchange/tags/WindowsSandbox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WindowsSandbox</span></a>, hampering detection efforts. This is the first time we’ve seen MirrorFace employ AsyncRAT.<br>In another twist, <a href="https://infosec.exchange/tags/MirrorFace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MirrorFace</span></a> utilized <a href="https://infosec.exchange/tags/VSCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VSCode</span></a> remote tunnels, a tactic enabling covert access and command execution on compromised machines. This approach has also been seen with other China-aligned cyberespionage groups.<br>The group primarily leveraged <a href="https://infosec.exchange/tags/ANEL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ANEL</span></a> as a first-stage backdoor, <a href="https://infosec.exchange/tags/HiddenFace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HiddenFace</span></a> – MirrorFace’s flagship backdoor – was dropped later in the attack to bolster persistence . Notably absent this time was <a href="https://infosec.exchange/tags/LODEINFO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LODEINFO</span></a>, which <a href="https://infosec.exchange/tags/MirrorFace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MirrorFace</span></a> typically employs.</p><p>We presented our findings about Operation AkaiRyū conducted by <a href="https://infosec.exchange/tags/MirrorFace" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MirrorFace</span></a> at @jpcert_ac on January 22, 2025: <a href="https://jsac.jpcert.or.jp" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">jsac.jpcert.or.jp</span><span class="invisible"></span></a>.<br>IoCs available in our GitHub repo: <a href="https://github.com/eset/malware-ioc/tree/master/mirrorface" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/eset/malware-ioc/tr</span><span class="invisible">ee/master/mirrorface</span></a></p>
nemo™ 🇺🇦<p>A new campaign, dubbed Desert Dexter, is targeting the Middle East &amp; North Africa, impacting ~900 victims since fall '24! 😱 They're using social media &amp; altered AsyncRAT malware to steal data &amp; crypto. Watch out for malicious ads &amp; file-sharing links! ⚠️ <a href="https://mas.to/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mas.to/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://mas.to/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a> <a href="https://mas.to/tags/DesertDexter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DesertDexter</span></a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>newz</span></a> </p><p><a href="https://thehackernews.com/2025/03/desert-dexter-targets-900-victims-using.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/03/dese</span><span class="invisible">rt-dexter-targets-900-victims-using.html</span></a></p>
Just Another Blue Teamer<p>Happy Friday everyone!</p><p>I feel like this has become a weekly PSA but Kaspersky Securelist researchers have identified hundreds of <a href="https://ioc.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> projects that are serving up malicious code designed to steal saved credentials, cryptocurrency wallets, and browsing history. Sometimes this execution of code leads to the <a href="https://ioc.exchange/tags/ASyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ASyncRAT</span></a> or <a href="https://ioc.exchange/tags/Quasar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Quasar</span></a> Backdoor, but the threat remains the same: blindly executing code from GitHub. I hope you enjoy and Happy Hunting!</p><p>The GitVenom campaign: cryptocurrency theft using GitHub</p><p><a href="https://securelist.com/gitvenom-campaign/115694/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securelist.com/gitvenom-campai</span><span class="invisible">gn/115694/</span></a></p><p>Intel 471 Cyborg Security, Now Part of Intel 471 <a href="https://ioc.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatIntel</span></a> <a href="https://ioc.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatHunting</span></a> <a href="https://ioc.exchange/tags/ThreatDetection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatDetection</span></a> <a href="https://ioc.exchange/tags/HappyHunting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HappyHunting</span></a> <a href="https://ioc.exchange/tags/readoftheday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>readoftheday</span></a></p>
2rZiKKbOU3nTafniR2qMMSE0gwZGhost in the Shell: Null-AMSI Bypasses Security to Deploy AsyncRAT Cyble Research and Intelligenc...<br><br><a href="https://thecyberexpress.com/asyncrat-attack/" rel="nofollow noopener noreferrer" target="_blank">https://thecyberexpress.com/asyncrat-attack/</a><br><br><a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Firewall" target="_blank">#Firewall</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Daily" target="_blank">#Daily</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Cyber" target="_blank">#Cyber</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/News" target="_blank">#News</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Dark" target="_blank">#Dark</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Web" target="_blank">#Web</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/News" target="_blank">#News</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/AsyncRAT" target="_blank">#AsyncRAT</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Itachi" target="_blank">#Itachi</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Uchiha" target="_blank">#Uchiha</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Null-AMSI" target="_blank">#Null-AMSI</a><br><br><a href="https://awakari.com/pub-msg.html?id=SWte5oJIsVAKXzGKY3o6keK9560" rel="nofollow noopener noreferrer" target="_blank">Event Attributes</a>
2rZiKKbOU3nTafniR2qMMSE0gwZGhost in the Shell: Null-AMSI Bypasses Security to Deploy AsyncRAT Cyble Research and Intelligenc...<br><br><a href="https://thecyberexpress.com/asyncrat-attack/" rel="nofollow noopener noreferrer" target="_blank">https://thecyberexpress.com/asyncrat-attack/</a><br><br><a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Firewall" target="_blank">#Firewall</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Daily" target="_blank">#Daily</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Cyber" target="_blank">#Cyber</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/News" target="_blank">#News</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Dark" target="_blank">#Dark</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Web" target="_blank">#Web</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/News" target="_blank">#News</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/AsyncRAT" target="_blank">#AsyncRAT</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Itachi" target="_blank">#Itachi</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Uchiha" target="_blank">#Uchiha</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Null-AMSI" target="_blank">#Null-AMSI</a><br><br><a href="https://awakari.com/pub-msg.html?id=UcvDlnXExpPoHPzenAWJaG3tlLs" rel="nofollow noopener noreferrer" target="_blank">Event Attributes</a>
2rZiKKbOU3nTafniR2qMMSE0gwZGhost in the Shell: Null-AMSI Bypasses Security to Deploy AsyncRAT Cyble Research and Intelligenc...<br><br><a href="https://thecyberexpress.com/asyncrat-attack/" rel="nofollow noopener noreferrer" target="_blank">https://thecyberexpress.com/asyncrat-attack/</a><br><br><a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Firewall" target="_blank">#Firewall</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Daily" target="_blank">#Daily</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Cyber" target="_blank">#Cyber</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/News" target="_blank">#News</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Dark" target="_blank">#Dark</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Web" target="_blank">#Web</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/News" target="_blank">#News</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/AsyncRAT" target="_blank">#AsyncRAT</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Itachi" target="_blank">#Itachi</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Uchiha" target="_blank">#Uchiha</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Null-AMSI" target="_blank">#Null-AMSI</a><br><br><a href="https://awakari.com/pub-msg.html?id=9lxtXJCs1B3p9THOTlgY3JIZr7I" rel="nofollow noopener noreferrer" target="_blank">Event Attributes</a>
2rZiKKbOU3nTafniR2qMMSE0gwZGhost in the Shell: Null-AMSI Bypasses Security to Deploy AsyncRAT Cyble Research and Intelligenc...<br><br><a href="https://thecyberexpress.com/asyncrat-attack/" rel="nofollow noopener noreferrer" target="_blank">https://thecyberexpress.com/asyncrat-attack/</a><br><br><a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Firewall" target="_blank">#Firewall</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Daily" target="_blank">#Daily</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Cyber" target="_blank">#Cyber</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/News" target="_blank">#News</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Dark" target="_blank">#Dark</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Web" target="_blank">#Web</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/News" target="_blank">#News</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/AsyncRAT" target="_blank">#AsyncRAT</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Itachi" target="_blank">#Itachi</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Uchiha" target="_blank">#Uchiha</a> <a rel="nofollow noopener noreferrer" class="mention hashtag" href="https://mastodon.social/tags/Null-AMSI" target="_blank">#Null-AMSI</a><br><br><a href="https://awakari.com/pub-msg.html?id=Zo6c4DheWF0Q0XaWGPnylRw6WJM" rel="nofollow noopener noreferrer" target="_blank">Event Attributes</a>
Pyrzout :vm:<p>Ghost in the Shell: Null-AMSI Bypasses Security to Deploy AsyncRAT <a href="https://thecyberexpress.com/asyncrat-attack/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thecyberexpress.com/asyncrat-a</span><span class="invisible">ttack/</span></a> <a href="https://social.skynetcloud.site/tags/TheCyberExpressNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TheCyberExpressNews</span></a> <a href="https://social.skynetcloud.site/tags/remoteaccesstrojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>remoteaccesstrojan</span></a> <a href="https://social.skynetcloud.site/tags/TheCyberExpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TheCyberExpress</span></a> <a href="https://social.skynetcloud.site/tags/FirewallDaily" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FirewallDaily</span></a> <a href="https://social.skynetcloud.site/tags/ItachiUchiha" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ItachiUchiha</span></a> <a href="https://social.skynetcloud.site/tags/SasukeUchiha" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SasukeUchiha</span></a> <a href="https://social.skynetcloud.site/tags/DarkWebNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DarkWebNews</span></a> <a href="https://social.skynetcloud.site/tags/CyberNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberNews</span></a> <a href="https://social.skynetcloud.site/tags/Null" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Null</span></a>-AMSI <a href="https://social.skynetcloud.site/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AsyncRAT</span></a></p>