hElLo...
#art #furry #furryart #sfw #horror #mimic #creature #crayon #coloredpencil #traditionalart #artistsonmastodon #artistsonfediverse #commsopen
Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India
The Silver Fox threat group conducted phishing campaigns in December 2025 and January 2026, impersonating tax authorities in India and Russia. Malicious emails contained archives with a modified Rust-based RustSL loader that deployed ValleyRAT backdoor. Over 1600 malicious emails targeted organizations across industrial, consulting, retail, and transportation sectors. During investigation, a previously undocumented Python-based backdoor named ABCDoor was discovered, active since late 2024. The attacks utilized multi-stage infection chains involving encrypted payloads, custom ValleyRAT modules, and various persistence mechanisms including Phantom Persistence technique. ABCDoor features remote control capabilities, screen broadcasting using ffmpeg, and file manipulation functions. The group employed sophisticated evasion techniques including geofencing, string encryption, and mimicking legitimate VPN services.
Pulse ID: 69f3241b2759ee934874df9f
Pulse Link: https://otx.alienvault.com/pulse/69f3241b2759ee934874df9f
Pulse Author: AlienVault
Created: 2026-04-30 09:42:51
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #CyberSecurity #Email #Encryption #India #InfoSec #Mimic #OTX #OpenThreatExchange #Phishing #Python #RAT #Russia #Rust #SMS #VPN #bot #AlienVault
Phoenix Rising: Exposing the PhaaS Kit Behind Global Mass Phishing Campaigns
Since January 2025, researchers identified over 2,500 phishing domains targeting more than 70 organizations across financial services, telecommunications, and logistics sectors globally. Two dominant smishing campaigns were discovered: Reward Points phishing impersonating banks and telecom providers, and Failed Parcel Delivery phishing mimicking logistics companies. Despite different themes, both campaigns share infrastructure and utilize the Phoenix System administrative panel, a successor to the Mouse System. This Phishing-as-a-Service platform offers real-time victim monitoring, geofencing, IP-based filtering, and live-phishing interventions to bypass multi-factor authentication. The platform is distributed via Telegram channels for approximately $2,000 annually, providing threat actors with pre-built templates, traffic filtering mechanisms, and real-time victim management dashboards. Attackers potentially leverage fake Base Transceiver Stations to bypass carrier-level filtering and deliver messages app...
Pulse ID: 69f1fa3e73a0897558593b04
Pulse Link: https://otx.alienvault.com/pulse/69f1fa3e73a0897558593b04
Pulse Author: AlienVault
Created: 2026-04-29 12:31:58
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Bank #CyberSecurity #ICS #InfoSec #Mimic #OTX #OpenThreatExchange #Phishing #RAT #RCE #SMS #Smishing #Telecom #Telecommunication #Telegram #bot #AlienVault
During our troupe's 20th birthday celebrations last weekend, one of our earliest Players of the Patchwork Julie got to meet Chest E. Cognito, one of our newest {definitely-not-a-Mimic} characters!
What's a little light nomming amongst friends? 😁
#CommediaDellArte #Commedia #Improv #Improvisation #Theater #DnD #Mimic #Nom #NomNomNom #Birthday
KYCShadow: An Android Banking Malware Exploiting Fake KYC Workflows for Credential and OTP Theft
An Android malware campaign masquerading as a bank KYC verification application targets users in India through WhatsApp distribution. The threat operates as a multi-stage dropper installing secondary payloads while establishing persistent command-and-control communication. It combines native code obfuscation, Firebase-based remote execution, VPN-based traffic manipulation, and WebView-based phishing to systematically harvest sensitive user data. The infection chain progresses through deceptive update screens, VPN activation, silent APK installation, and extensive permission abuse. The deployed payload enables SMS interception, call control, USSD execution, and structured credential theft through staged phishing interfaces mimicking legitimate banking workflows. Exfiltrated data is encrypted locally and transmitted to jsonapi.biz, while critical configuration values are hidden inside native libraries to hinder detection.
Pulse ID: 69f1d2d45ec26fc5e1ca72f4
Pulse Link: https://otx.alienvault.com/pulse/69f1d2d45ec26fc5e1ca72f4
Pulse Author: AlienVault
Created: 2026-04-29 09:43:48
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APK #Android #Bank #CyberSecurity #India #InfoSec #Malware #Mimic #OTX #OpenThreatExchange #Phishing #RAT #RCE #SMS #VPN #WhatsApp #bot #AlienVault
Coordinated Phishing Campaign against Sri Lanka’s Financial Sector
A phishing campaign was observed targeting Financial sector. The operation is designed to closely mimic legitimate login portals using convincing domain spoofing, cloned web pages and social engineering techniques to deceive users.
Pulse ID: 69f04783052c0771806bfe44
Pulse Link: https://otx.alienvault.com/pulse/69f04783052c0771806bfe44
Pulse Author: cryptocti
Created: 2026-04-28 05:37:07
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #Mimic #OTX #OpenThreatExchange #Phishing #RAT #SocialEngineering #bot #cryptocti
How Gut Bacteria May Affect the Outcome of Cancer Immunotherapy
Nana
Cyat
OTX Bot
Players' Patchwork Theatre Co
Chuff²
KBDraws92
Hackaday [Unofficial]