Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
5 résultats taggé any.run  ✕
How Adversary Telegram Bots Help to Reveal Threats: Case Study  - ANY.RUN's Cybersecurity Blog https://any.run/cybersecurity-blog/adversary-telegram-bot-abuse
21/05/2025 13:17:49
QRCode
archive.org
thumbnail

Discover how to intercept data stolen by cybercriminals via Telegram bots and learn to use it to clarify related threat landscape.

While analyzing malware samples uploaded to ANY.RUN’s Interactive Sandbox, one particular case marked as “phishing” and “Telegram” drew the attention of our security analysts.

Although this analysis session wasn’t attributed to any known malware family or threat actor group, the analysis revealed that Telegram bots were being used for data exfiltration. This led us to apply a message interception technique for Telegram bots, previously described on the ANY.RUN blog.

The investigation resulted in a clear and practical case study demonstrating how intercepting Telegram bot communications can aid in profiling the threat actor behind a relatively obscure phishing campaign.

Key outcomes of this analysis include:

Examination and technical analysis of a lesser known phishing campaign
Demonstration of Telegram API-based data interception techniques
Collection of threat intelligence (TI) indicators to help identify the actor
Recommendations for detecting this type of threat

any.run EN 2025 Telegram analysis malware indicators bots
GorillaBot: Technical Analysis and Code Similarities with Mirai https://any.run/cybersecurity-blog/gorillabot-malware-analysis/
26/03/2025 21:34:54
QRCode
archive.org
thumbnail

Discover technical analysis of GorillaBot, a new malware variant based on the original code of the Mirai botnet.

any.run EN 2025 GorillaBot analysis Mirai code
Zero-Day: How Attackers Use Corrupted Files to Bypass Detection https://any.run/cybersecurity-blog/corrupted-files-attack/
09/12/2024 12:13:02
QRCode
archive.org
thumbnail

See technical analysis of a zero-day attack that uses corrupted malicious files to bypass detection by advanced security systems.

any.run EN 2024 Corrupted Files Bypass Detection Analysis
Fake Google Authenticator Website Installs Malware https://any.run/cybersecurity-blog/fake-google-authenticator-campaign/
02/09/2024 11:46:48
QRCode
archive.org
thumbnail

See how adversaries are impersonating Google Authenticator in Google Ads to deliver the DeerStealer information-stealing malware. 

any.run EN 2024 Google Authenticator GoogleAds fake malvertising
Analysis of the Phishing Campaign: Behind the Incident https://any.run/cybersecurity-blog/analysis-of-the-phishing-campaign/
02/07/2024 10:56:19
QRCode
archive.org
thumbnail

See the results of our investigation into the phishing campaign encountered by our company and get information to defend against it. 

Here are some key findings:

  • We found around 72 phishing domains pretending to be real or fake companies. These domains created believable websites that tricked people into sharing their login details.
  • The attack was sophisticated, using advanced techniques like direct human interaction to deceive targets.
  • We analyzed several fake websites and reverse-engineered their web-facing application.
  • At the end of the post, you will find a list of IOCs that can be used for improving your organization’s security.
any.run EN 2024 incident phishing spear-phishing IoCs
4481 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio