Just Another Blue Teamer<p>Happy Monday everyone!</p><p>The AhnLab, Inc. Security Intelligence Center (ASEC) has been monitoring infostealer malware that is disguised as illegal software and keygens and found that most of the malware that is distributed in this manner has been the <a href="https://ioc.exchange/tags/LummaC2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LummaC2</span></a> infostealer BUT there has been an increase in distribution of the <a href="https://ioc.exchange/tags/ACRStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ACRStealer</span></a> as well. What is pretty interesting is the technique they use for C2. In this case they have used Steam, telegra.ph, Google Docs (Form) and Google Docs (Presentation). Enjoy and Happy Hunting!</p><p>ACRStealer Infostealer Exploiting Google Docs as C2<br><a href="https://asec.ahnlab.com/en/86390/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">asec.ahnlab.com/en/86390/</span><span class="invisible"></span></a></p><p>Intel 471 Cyborg Security, Now Part of Intel 471 <a href="https://ioc.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatIntel</span></a> <a href="https://ioc.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatHunting</span></a> <a href="https://ioc.exchange/tags/ThreatDetection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatDetection</span></a> <a href="https://ioc.exchange/tags/HappyHunting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HappyHunting</span></a> <a href="https://ioc.exchange/tags/readoftheday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>readoftheday</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software.
If you wish to join, contact us for an invite.
Administered by:
Server stats:
10Kactive users
fosstodon.org: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#acrstealer
0 posts · 0 participants · 0 posts today
Pyrzout :vm:<p>Hackers Use Google Docs and Steam to Spread ACRStealer Infostealer – Source:hackread.com <a href="https://ciso2ciso.com/hackers-use-google-docs-and-steam-to-spread-acrstealer-infostealer-sourcehackread-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/hackers-use-goog</span><span class="invisible">le-docs-and-steam-to-spread-acrstealer-infostealer-sourcehackread-com/</span></a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1CyberSecurityNewsPost</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/LummaStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LummaStealer</span></a> <a href="https://social.skynetcloud.site/tags/Infostealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infostealer</span></a> <a href="https://social.skynetcloud.site/tags/ACRStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ACRStealer</span></a> <a href="https://social.skynetcloud.site/tags/GoogleDocs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleDocs</span></a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hackread</span></a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.skynetcloud.site/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://social.skynetcloud.site/tags/Steam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Steam</span></a></p>
Hackread.com<p>🚨 New malware alert! <a href="https://mstdn.social/tags/ACRStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ACRStealer</span></a> is using Google Docs and Steam to steal credentials, crypto wallets & more. Spread via software cracks! 🔒⚠️</p><p>Read: <a href="https://hackread.com/hackers-google-docs-steam-drop-acrstealer-infostealer/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/hackers-google-do</span><span class="invisible">cs-steam-drop-acrstealer-infostealer/</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://mstdn.social/tags/InfoStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoStealer</span></a> <a href="https://mstdn.social/tags/GoogleDocs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleDocs</span></a> <a href="https://mstdn.social/tags/Steam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Steam</span></a></p>
Pyrzout :vm:<p>Phishing Scam Targets Google Users with Malware Disguised as Authenticator App <a href="https://thecyberexpress.com/latrodectus-and-acr-stealer/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thecyberexpress.com/latrodectu</span><span class="invisible">s-and-acr-stealer/</span></a> <a href="https://social.skynetcloud.site/tags/LatrodectusandACRStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LatrodectusandACRStealer</span></a> <a href="https://social.skynetcloud.site/tags/GoogleAuthenticatorapp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleAuthenticatorapp</span></a> <a href="https://social.skynetcloud.site/tags/TheCyberExpressNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TheCyberExpressNews</span></a> <a href="https://social.skynetcloud.site/tags/GoogleSafetyCentre" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoogleSafetyCentre</span></a> <a href="https://social.skynetcloud.site/tags/CybersecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CybersecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/TheCyberExpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TheCyberExpress</span></a> <a href="https://social.skynetcloud.site/tags/FirewallDaily" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FirewallDaily</span></a> <a href="https://social.skynetcloud.site/tags/DarkWebNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DarkWebNews</span></a> <a href="https://social.skynetcloud.site/tags/ACRStealer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ACRStealer</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload