Came across a phishing campaign yesterday which was targeting Finnish people, imitating the Finnish social security agency (KELA).

From a brief look it looked like the same (or related) Moroccan criminals who I have been investigating before but with a somewhat newer kit. Still PHP though.

So I quickly put together a little script that generated realistic looking but fake data and set the script to work.

Took ~30 minutes and then the page started to return 404 so clearly someone on the receiving end was annoyed.

Remember, if you have spare time and want to do something good, you too can #imposecost on the bad people.

#100DaysOfKQL

Day 91 - Large EXE or MSI File Observed in User Downloads Folder

Featuring a shoutout to debloat by the awesome @squiblydoo! Go check it out (and also his certReport tool, #ImposeCost as they say)

https://github.com/SecurityAura/DE-TH-Aura/blob/main/100DaysOfKQL/Day%2091%20-%20Large%20EXE%20or%20MSI%20File%20Observed%20in%20User%20Downloads%20Folder.md

Bye bye Redline & Meta stealer  
#imposecost

Yesterday, I wanted to hit a threat actor where it hurts.

Today, I am hitting a threat actor where it hurts.
Follow your dreams (and eat burritos).
#CTI #threatintel #imposecost

Really interesting talk here from Dominic White at BSides Capetown
https://www.youtube.com/watch?v=YNDhiH04iXw

Impose cost on attackers by getting them arrested.

Good stuff!

#cybersecurity #infosec #imposecost

Impose Cost: Our defences eventually fail & we need to take the fight to the criminals | Keynote

Elon Musk’s Twitter poll shows users want him to step down as CEO. More than 17 million users had voted by the time the poll on the platform closed after 6 a.m. ET, with 57.5% saying he should leave as head of the company he bought in October for $44 billion. Mr. Musk had said when he launched the Twitter poll on Sunday that he would abide by the results.* #ImposeCost

I’ve been thinking a lot recently, about ways of imposing cost on adversaries in the cyber realm, but from the position of an organisational defender rather than LEA or .gov. But it’s pretty thin & I’d love to expand some of the thinking.

Have you seen stuff work to cause material harm/damage/cost to attackers? Have you seen attempts to do it fail?

#imposecost #cyber #hacking #defence