![_ddoxer's tweet photo. Heads up: @bankofireland 365 Online phishing campaign at online365boi[.]eu currently happening. Propagating through text on a Sunday afternoon. Please don't fall for it. Cc: @talktoBOI @irisscert @malwrhunterteam https://t.co/finCqd1S3b](https://pbs.twimg.com/media/DgdM3d-XUAAuujB.jpg)
![_ddoxer's tweet photo. @bankofireland 365 Online phishing campaign making the rounds again. Via SMS. The phishing site is 365boi[.]net. Note that the legitimate is https://t.co/Eb8SX8oo21.
Cc: @talktoBOI @irisscert @malwrhunterteam https://t.co/TgPeXtTltw](https://pbs.twimg.com/media/Dt1K_sMU0AEgm_i.jpg)
Olivia
Online
#securityblog #antivirus #incidentresponse #securityoperations #malwareanalysis #informationsecurity
https://t.co/lrHIsLI9x4
From Anti-virus to Incident Response: What’s it like? (PART 1) https://t.co/wwxEUiHgGn via @LinkedIn
https://t.co/He527c4DRg
Gobot #IoTMalware #botnet #opendir
-supports macOS
-written in Go
-controlled via IRC
macho -5b1219ae05b3128f7028fa3f788f33ea
x86 - d6bda304f4a59e36e5ffefe421d84396
I will be presenting at the #CSO50 conference in April in Arizona. I will be discussing #phishing and #malware detection in an automated fashion using #machinelearning.
This has been happening for a while https://t.co/8IevMFnmhS
Heads up: @bankofireland 365 Online phishing campaign at online365boi[.]eu currently happening. Propagating through text on a Sunday afternoon. Please don't fall for it. Cc: @talktoBOI @irisscert @malwrhunterteam
![_ddoxer's tweet photo. Heads up: @bankofireland 365 Online phishing campaign at online365boi[.]eu currently happening. Propagating through text on a Sunday afternoon. Please don't fall for it. Cc: @talktoBOI @irisscert @malwrhunterteam https://t.co/finCqd1S3b](https://pbs.twimg.com/media/DgdM3eEX4AEBwPV.jpg)
@bankofireland 365 Online phishing campaign making the rounds again. Via SMS. The phishing site is 365boi[.]net. Note that the legitimate is https://t.co/Eb8SX8oo21.
Cc: @talktoBOI @irisscert @malwrhunterteam
![_ddoxer's tweet photo. @bankofireland 365 Online phishing campaign making the rounds again. Via SMS. The phishing site is 365boi[.]net. Note that the legitimate is https://t.co/Eb8SX8oo21.
Cc: @talktoBOI @irisscert @malwrhunterteam https://t.co/TgPeXtTltw](https://pbs.twimg.com/media/Dt1LAeRU4AEJL3_.jpg)
OK, folks, I hear that John McAfee claims to have invented cyber security. (I don't know; he has blocked me.)
Gather 'round the fire, kids, for a short story, because I was around at the time.
New #Emotet epoch 1 payloads as of 09:00EDT+:
https://t.co/2QebcSHxxH
/www.yetanothersteve.com/Xs6TPwnAAJ/
/flewer.pl/pub/s99556m/
/www.hotelcapital.ru/f6FBJD/
/dc.amegt.com/wp-content/oC4gy4aGL/
/www.armanitour.com/kuNOqI/
New #Emotet Epoch 1 payloads as of 11:30EDT+:
https://t.co/7QaWnFubqH
/www.avemeadows.com/gbPAHU/
/kosilloperutours.com/mrep9aHq/
/www.customaccessdatabase.com/joiuehtr/9g94p2/
/www.deimplant.com/CFsF9RU/
/nfusedigital.co.za/ECbcfDxq/
#Emotet 25/06/2018
6 DOC
6 Payload
81 C2
IOC's
https://t.co/p42IW4TS6m
@DecayPotato @Jan0fficial @_ddoxer @luc4m @executemalware @James_inthe_box @bauldini @RealRalf9000 @JRoosen @neonprimetime @Techhelplistcom @NelsonSecurity @HazMalware
Heads up: @bankofireland 365 Online phishing campaign at online365boi[.]eu currently happening. Propagating through text on a Sunday afternoon. Please don't fall for it. Cc: @talktoBOI @irisscert @malwrhunterteam
New #emotet epoch 1 payloads 19:30EDT+ and new/old doc look. We are back to the Wells Fargo Overlay again:
https://t.co/dLHyEtEE81
/www.apiperjuangan.com/LrfK/
/www.graca.com.np/zCtof/
/www.answerthebeacon.com/YYCUNZ0/
/www.imperiaskygardens.site/Su7FZ/
/www.katexs.com/rogV/
@executemalware #Emotet 20/06/2018
1 DOC
2 Payload
43 C2
[+] New IP's and Port 8090
IOC's
https://t.co/CMuXYp0F9O
@RealRalf9000 @bauldini @JRoosen @James_inthe_box @DecayPotato @executemalware @neonprimetime @Techhelplistcom @_ddoxer @NelsonSecurity @Mesiagh
#Geodo / #Emotet doc dropper locations 20/06/18: https://t.co/m2fXbgnqBp
@JRoosen @_odisseus @JAMESWT_MHT @James_inthe_box @pollo290987 @Mesiagh @NelsonSecurity @DynamicAnalysis @neonprimetime @noottrak @Techhelplistcom
Sorry for join me late... Resume of #Emotet 06/01/2018
394 URL's
15 DOC
4 Payload
48 C2
1 Sample unknown
IOC's
https://t.co/DApCVH50HU
Thnks for the lists:
@_ddoxer @JRoosen @executemalware @DecayPotato @jamesin
Here is today's notes for #emotet. I go into more in depth analysis of the dual variant/epoch hypothesis in the notes section at the bottom. IOCs are at the top like normal. Will keep updating as I can. https://t.co/v4wRyFheB6
#Geodo / #Emotet doc dropper locations 01/06/18: https://t.co/moosp1tEck
@JRoosen @_odisseus @JAMESWT_MHT @James_inthe_box @pollo290987 @Mesiagh @NelsonSecurity @DynamicAnalysis @neonprimetime @noottrak @Techhelplistcom
Last Seen Users on Sotwe
เงี่ยนอีชมพู่
Seen from Thailand
ชายแท้ตาก
Seen from Thailand
lovely fucker
Seen from United Kingdom
(っ◔◡◔)っ 💙 Kronii 💙
Seen from Turkey
RAS5474889
Seen from Malaysia
家有♠️骚娇妻♠️
Seen from Singapore
الأحداث العالمية 
Seen from Saudi Arabia
ساره و مهند
Seen from Egypt
Moy💯
Seen from Indonesia
Caner
Seen from Turkey
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.4M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.6M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers