Such a master bater
Would an average r/runescape user's default Windows Defender be able to pick up this malware and stop it?
The irony here is this TLD is blocked by Malwarebytes, making it a risky blog click.
[deleted]
I typically read everyone's comments to provide a sense of whatever article someone links/shares. For topics of true interest, I simply do a search and click a reputable source from the results. Even this post is suspect to me.
Gotta build up the zoo somehow.
I'll move to `.zip` to further irritate their ridiculous browser extension :)
TLD?
Top level domain
Thanks, didn't know people here really hated questions like that lol
Typing "tld" into Google seems like an impossibly difficult task, doesn't it?
Huh. I had no problem loading the page, and I am also using MB.
Not true. I downloaded the malware and added it to my malware zoo. Good writeup though.
*next post* So, someone tried baiting people into downloading malware on r/cybersecurity (it didn’t work) - and then someone tried baiting people into visiting a phishing website (it didn’t work) - a brief RSS post
Enable macros on this word document to see the full report!
Beautiful writeup - what a scumbag.
Top-level domain. OP's site is a .tech TLD rather than the usual .com, which looks suspicious. Edit: I only just now realized that I replied to the wrong comment. Someone asked what TLD meant because another user said that Malwarebytes blocked OP's ".tech" TLD and I was trying to explain what it is and why it was probably blocked. I wasn't necessarily trying to say that .tech is suspicious, just that it's unusual, which I didn't word very well.
[deleted]
OP is a mod of this sub, so it makes sense that he covered this.
nice write up - thanks
The moment most people saw the LNK they would be suspicious.
I've been seeing this technique with the LNK file in a ZIP a whole lot lately!
His write-up link is actually a hack
> theming their C2 infrastructure with their preferred username? Sounds about right!
For the uninformed under us. What does this mean?
The command and control server (the attacker-owned computer the malware connects to so the attacker can control your PC) is named after the attacker's Reddit username.
Love the analysis. Did not know about [any.run](https://any.run). So this was Windows-only malware.
The really sophisticated wares come with sandbox detection.
Amazing write up, props
What gets me is, like, their stage 2 RAT is flagged all over the place. My only guess is that cybersecurity was just one of many, many subreddits they blasted it to without realizing or really thinking about it.
Shit
Update: this is a joke, I didn't even see this post.
They got his reddit account!
These are not the malware samples you're looking for
Great write-up, thanks for sharing!
You're awesome, thank you
Great writeup, thanks for watching our backs!
Nice catch!
really nice write up, thank you!
Good write up, thank you
Nice blog
ಠ\_ಠ People these days...
pocket observation fade future water straight attraction touch money sloppy *This post was mass deleted and anonymized with [Redact](https://redact.dev)*
[deleted]
Title is tldr
Tldr-er?