Jérôme SeguraAug 13, 2024

Notion #malvertising

hxxps[://]sdchongtian[.]com/
hxxps[://]notlon[.]so[.]blogpage[.]me/
hxxps[://]notlon[.]so[.]blogpage[.]me/Notion[.]exe

Unknown loader:
https://www.virustotal.com/gui/file/bb9e4cc1084fd9fa16aa9f75924ad66a128c0e89f93ad7c745d648086e05293b

VirusTotal

VirusTotal

Show threadJohn Bolt
@jeromesegura hey Jerome. Any ideas if these malvertising attacks are mainly targeting US / the English speaking community?
Aug 13, 2024 at 8:42pmWeb
Show threadJérôme SeguraAug 14, 2024
@jbolt I would say so, at least in number of victims. There have been other geo targeted campaigns but that’s an area that I at least have not really dug into that much.