Jeroen Gui 

Computer science student, musician, tech enthusiast and online threat hunter.
If you want to support the work I do: http://Ko-fi.com/jeroengui
Site/blog: https://jeroengui.be
Twitter: @jeroengui
Linkedin: https://www.linkedin.com/in/jeroen-gui/
Github: https://github.com/jeroengui

@keepassxc

Of course, there’s no full takedown until the domain is placed on client/server hold. That's correct!

That said, in practice, I rarely see any recovery once Cloudflare puts up a warning page. It’s usually easier for the threat actor to register a new domain.

The good news is that this domain has already propagated across most major AV vendors, and I’ve shared both the domain indicators and the associated malware samples with several partners and information-sharing networks (Quad9, GCA, GSE, etc.). That should help ensure any residual risk is blocked at multiple layers.

I'll set up some monitoring for both this domain and any future attempts to impersonate KeePassXC.

@keepassxc

Takedown completed.

If similar sites appear in the future, don’t hesitate to reach out! Always happy to support FOSS projects in protecting their users.

You can also easily report new cases here: https://justguard.be/report

👨 Meet @jeroengui: student, founder of JustGuard, and a 🥇 top contributor to Spamhaus’ Threat Intel Community Portal!

Every month, he submits thousands of malicious domains, URLs, and email sources - all to make the internet a safer place. 🌍🔒

But what drives him to do it, and how can you get involved too? Read his story here 👇
https://www.spamhaus.org/resource-hub/threat-intelligence/how-i-m-fighting-cybercrime-with-spamhaus-and-how-you-can-too/

#SharingIsCaring #CyberSecurity #ThreatIntel #Infosec

🚨 Turning the tables on a phishing campaign 🚨

I had a lot of fun writing this blog post about how I hijacked an active phishing campaign that used an interesting technique to bypass email security filters.

A deep dive into how attackers operate… and how we can outsmart them.
Check it out below! ⬇️
https://justguard.be/blog/posts/unregistered-domains

Would love to hear your thoughts, feel free to share!
#CyberSecurity #Phishing #ThreatIntelligence

Hijacking a phishing campaign: Beating cybercriminals at their own game

JustGuard | Protect your business from cyber threats with JustGuard's threat detection and takedown solutions, and automated threat analysis services.

There is no such thing as a backdoor for good guys. Once you place a backdoor, you compromise the safety and privacy of all your users. A third party or bad guys will get access to it and abuse it further. The concept of a "backdoor for good guys" is fundamentally flawed and dangerous. It sets a dangerous precedent. Security and privacy should be absolute. There's no safe way to create a backdoor that can't be exploited by malicious actors. #privacy #security #infosec

I mean, if an EU citizen’s initiative to tax the rich cannot get a paltry 1 million signatures (less than one quarter of one percent of the population), I guess we really must deserve this bullshit system.

You still have five days, sign this ffs:

https://eci.ec.europa.eu/038/public/#/screen/home

#eu #TaxTheRich #billionaires #fascism #ecocide

@evaristegal0is

They do it quite often. Actually it's almost the default response to legitimate reports of phishing they receive.

They also send out the report to the actual hosting provider of the content.

What if I told you that a 32 year old German woman unexpectedly pulls out a knife and starts to stab passengers in a bus, injuring 6 passengers, three critically. Three muslimas, fearing for their children, throw themselves at this woman, manage to wrestle the knife away from her and keep her down until the situation can be resolved. Oh? You didn't hear about that? Well. It just happened. Last Friday. (article in German) https://www.t-online.de/nachrichten/panorama/kriminalitaet/id_100479780/siegen-drei-muslimische-muetter-stoppten-messer-angreiferin.html
In the knife attack in Siegen, three mothers became heroines

Two victims of the knife attack are still in critical condition. It has now emerged that three Muslim women apparently prevented worse.

www.t-online.de

Let the medals rain!

We just hit the 80 mark in the EU countries’ medal counter!

Congratulations to the amazing performances by the European athletes at the #Paris2024 Paralympic Games so far.

They are a testament to what determination, teamwork, and unity can achieve. Together, we are stronger.

🇪🇺84
🇫🇷17
🇮🇹15
🇪🇸11
🇳🇱10
🇵🇱5
🇩🇪5
🇩🇰4
🇬🇷4
🇨🇿3
🇸🇰2
🇧🇪2
🇧🇬1
🇭🇺1
🇸🇮1
🇨🇾1
🇮🇪1
🇦🇹1

Update: everything is back online

According to Hostinger it was due to a false positive suspension of the wrong service on my account.

I don't know what that exactly means, but the suspension has been revoked and in the end that's the only thing I was worried about.