Sotwe logo Sotwe logo

Top Tweets for #Cryptbot

LIA_Intel's profile image
LoaderInsightAgency @LIA_Intel
Payload statistics from January 2025 📊 We observed 702 tasks distributed by threat actors across the tracked botnets. This resulted in 4172 unique payloads. Top families: 1. #Amadey 2. #StealC 3. #GCleaner 4. #Cryptbot 5. #LummaStealer Unpacking & detection: @unpacme
LIA_Intel's tweet photo. Payload statistics from January 2025 📊 We observed 702 tasks distributed by threat actors across the tracked botnets. This resulted in 4172 unique payloads. Top families: 1. #Amadey 2. #StealC 3. #GCleaner 4. #Cryptbot 5. #LummaStealer Unpacking & detection: @unpacme https://t.co/JzjkoXtu3r
0
3
0
1
380
club31337's profile image
club1337 Verified account @club31337
#CryptBot: Hunting for #initial #access vector https://t.co/Vn0dvk4Yac Report: https://t.co/0ifKEeH2Y5
club31337's tweet photo. #CryptBot: Hunting for #initial #access vector https://t.co/Vn0dvk4Yac Report: https://t.co/0ifKEeH2Y5 https://t.co/6q9o9ayuJG
0
3
0
0
343
Intrinsec's profile image
Intrinsec @Intrinsec
📅 Read the full report here: https://t.co/blCnBLFody #Cybersecurity #CTI #Cybercrime #ThreatIntel #CryptBot #Infostealer #Malware
1
3
2
1
449
LIA_Intel's profile image
LoaderInsightAgency @LIA_Intel
Payload statistics from December 2024 📊 We observed 465 tasks distributed by threat actors across the tracked botnets. This resulted in 3180 unique payloads. Top families: 1. #Amadey 2. #StealC 3. #CryptBot 4. #GCleaner 5. #LummaStealer Unpacking & detection: @unpacme
LIA_Intel's tweet photo. Payload statistics from December 2024 📊 We observed 465 tasks distributed by threat actors across the tracked botnets. This resulted in 3180 unique payloads. Top families: 1. #Amadey 2. #StealC 3. #CryptBot 4. #GCleaner 5. #LummaStealer Unpacking & detection: @unpacme https://t.co/DOkJJ91x6q
0
6
0
1
598
banthisguy9349's profile image
Fox_threatintel @banthisguy9349
#fresh malware! https://t.co/J0GdaiwL0J #cryptbot #privateloader
banthisguy9349's tweet photo. #fresh malware! https://t.co/J0GdaiwL0J #cryptbot #privateloader https://t.co/kPQ9NBVqF4
1
32
12
6
4K
YourAnonRiots's profile image
Anonymous🐾🐈‍⬛ @YourAnonRiots
PEAKLIGHT, a new memory-only dropper, is deploying #malware on Windows systems via pirated movie files. It uses #PowerShell scripts to install information stealers like Lumma Stealer and #CryptBot. https://t.co/gw7YRfbRmS #cybersecurity #infosec
0
11
7
0
560
CERTCyberdef's profile image
CERT Orange Cyberdefense @CERTCyberdef
With one cluster closely overlapping with what Talos tracks as #CoralRaider, we identified further Emmenhtal iterations leading to #CryptBot, #Lumma, #AsyncRAT, #Meduza, #Xworm, #SectopRAT and many others 👾, in multiple campaigns using fake PDF or video as lures.
CERTCyberdef's tweet photo. With one cluster closely overlapping with what Talos tracks as #CoralRaider, we identified further Emmenhtal iterations leading to #CryptBot, #Lumma, #AsyncRAT, #Meduza, #Xworm, #SectopRAT and many others 👾, in multiple campaigns using fake PDF or video as lures. https://t.co/zOTj1mHNuV
1
2
1
0
519
orangecyberdef's profile image
Orange Cyberdefense Verified account @orangecyberdef
🔍👩‍💻Our CTI analysts, @CERTCyberdef @Mar_Pich and A. Matousek just released a new article on a little-documented loader, dubbed #Emmenhtal. 👉📰Read here: https://t.co/BSOQy15M96 #lummastealer #cryptbot #cheesybunny #cyberthreatintelligence #threathunting
orangecyberdef's tweet photo. 🔍👩‍💻Our CTI analysts, @CERTCyberdef @Mar_Pich and A. Matousek just released a new article on a little-documented loader, dubbed #Emmenhtal. 👉📰Read here: https://t.co/BSOQy15M96 #lummastealer #cryptbot #cheesybunny #cyberthreatintelligence #threathunting https://t.co/0CkUVLMegC
0
2
0
2
266
suyog41's profile image
Yogesh Londhe @suyog41
Cryptbot Download LINK (ALTERNATIVE).url 06996bb69b5978d822b228766c4b44c0 URL=http://gg[.]gg/1b9jyb password protected zip Sеtup.exe 4de2056db3a3b39bee9d833d403091d4 #Cryptbot C2 twex12ht[.]top #IOC
suyog41's tweet photo. Cryptbot Download LINK (ALTERNATIVE).url 06996bb69b5978d822b228766c4b44c0 URL=http://gg[.]gg/1b9jyb password protected zip Sеtup.exe 4de2056db3a3b39bee9d833d403091d4 #Cryptbot C2 twex12ht[.]top #IOC https://t.co/XWOt4LKG1Q
0
14
8
4
1K
JAMESWT_WT's profile image
JAMESWT @JAMESWT_WT
@malwrhunterteam Mentioned Samples ❇️https://t.co/e586ivEN8n AnyRun #RemCosRat 💯https://t.co/PnfLL0EFjY ⛔️C2 81.19.139.]74 Samples from previus tweet ❇️https://t.co/Q0D4lQVux5 AnyRun #cryptbot 💯https://t.co/aPowSpqMyY
JAMESWT_WT's tweet photo. @malwrhunterteam Mentioned Samples ❇️https://t.co/e586ivEN8n AnyRun #RemCosRat 💯https://t.co/PnfLL0EFjY ⛔️C2 81.19.139.]74 Samples from previus tweet ❇️https://t.co/Q0D4lQVux5 AnyRun #cryptbot 💯https://t.co/aPowSpqMyY https://t.co/eoxqpAQc5q
0
5
0
0
392
PolySwarm's profile image
PolySwarm 🇺🇸 @PolySwarm
The #threatactor group #CoralRaider was recently observed distributing three #infostealers, #CryptBot, #LummaC2, and #Rhadamanthys. @TalosSecurity recently reported on this activity. Check out our blog for more info and PolySwarm’s related samples. https://t.co/CoVMefm4RA
2
39
10
1
3K
RussianPanda9xx's profile image
RussianPanda 🐼 🇺🇦 Verified account @RussianPanda9xx
There is a new version of #CryptBot spreading around with VMProtect? The infrastructure belongs to CryptBot 🤔 🛜 C2: vdeight8vt[.]top (81.94.159[.]120) 🔥 @unpacme did a great job with unpacking https://t.co/1rmFRI0bB4 📁 More related samples: 490625afa4de3eac3b03d1ca3e81afab07b5e748423319ee6e08f58c40d20250 4c75fb7bd0855e4d4623b1ac71a47c9e7f4fce743d15be28c644e32181a5d785 62340232fc4a9eb580f7153af5edc4c01cbd65bb698cad256edba9fa71c978cf b3082e8f12436cc58855241b73a72d5d2cfa3a9cdfaffd0616e9e5820b6ad830 b3aad09df96b1e8491e0dfb2ca7e3addff573c034d6c7d384587977fc1d1d4a2 e4502b6a97614a12eb799262cd8c6e796f5b5b3fd2a9fac97f533b0c06b4a3a7 e5bf0b095b5b78d44a0664c9e5def6818db220d0646d0fecf1c3f86cdddc8ceb fbdb00670f30534cd1847cd64d3f9c02af991dd922ee7e2b2c9a662f239fac11 fe320183b006be1b318bc889dc42ee4cf82d7d39ef5b188764dcee846b656b1f https://t.co/FFhz0ntDMU sandbox analysis: https://t.co/RcnlDbuq4L
RussianPanda9xx's tweet photo. There is a new version of #CryptBot spreading around with VMProtect? The infrastructure belongs to CryptBot 🤔 🛜 C2: vdeight8vt[.]top (81.94.159[.]120) 🔥 @unpacme did a great job with unpacking https://t.co/1rmFRI0bB4 📁 More related samples: 490625afa4de3eac3b03d1ca3e81afab07b5e748423319ee6e08f58c40d20250 4c75fb7bd0855e4d4623b1ac71a47c9e7f4fce743d15be28c644e32181a5d785 62340232fc4a9eb580f7153af5edc4c01cbd65bb698cad256edba9fa71c978cf b3082e8f12436cc58855241b73a72d5d2cfa3a9cdfaffd0616e9e5820b6ad830 b3aad09df96b1e8491e0dfb2ca7e3addff573c034d6c7d384587977fc1d1d4a2 e4502b6a97614a12eb799262cd8c6e796f5b5b3fd2a9fac97f533b0c06b4a3a7 e5bf0b095b5b78d44a0664c9e5def6818db220d0646d0fecf1c3f86cdddc8ceb fbdb00670f30534cd1847cd64d3f9c02af991dd922ee7e2b2c9a662f239fac11 fe320183b006be1b318bc889dc42ee4cf82d7d39ef5b188764dcee846b656b1f https://t.co/FFhz0ntDMU sandbox analysis: https://t.co/RcnlDbuq4L
2
79
21
9
10K
FarghlyMal's profile image
Aziz Farghly ⚡ @FarghlyMal
#100DaysofYARA Day21: this rule detects the unpacked version of #CryptBot Stealer rule -> https://t.co/0CekmAtwmH
FarghlyMal's tweet photo. #100DaysofYARA Day21: this rule detects the unpacked version of #CryptBot Stealer rule -> https://t.co/0CekmAtwmH https://t.co/tp8NWyC8dk
2
24
3
6
3K
1ZRR4H's profile image
Germán Fernández Verified account @1ZRR4H
@malwrhunterteam @0xDanielLopez @g0njxa @weareDMNTRs Importante lo que agrega @g0njxa, el malware podría ser realmente #CryptBot, más los dominios de distribución activos en este momento. https://t.co/sVNXCuT1Uf
1ZRR4H's tweet photo. @malwrhunterteam @0xDanielLopez @g0njxa @weareDMNTRs Importante lo que agrega @g0njxa, el malware podría ser realmente #CryptBot, más los dominios de distribución activos en este momento. https://t.co/sVNXCuT1Uf https://t.co/pkZk50KgcU
g0njxa's profile image
Who said what? Verified account @g0njxa
@1ZRR4H @malwrhunterteam @0xDanielLopez @weareDMNTRs La pagina desde donde descargo: /oficial-kmspico.com/ aun activo sirviendo #Cryptbot /rars-uploaded.com/KMSpico/ Detonacion https://t.co/KUvHLVn2Hk Esta campaña es conocida y antigua, el resto es historia
2
17
4
7
25K
3
29
12
7
20K
g0njxa's profile image
Who said what? Verified account @g0njxa
@1ZRR4H @malwrhunterteam @0xDanielLopez @weareDMNTRs La pagina desde donde descargo: /oficial-kmspico.com/ aun activo sirviendo #Cryptbot /rars-uploaded.com/KMSpico/ Detonacion https://t.co/KUvHLVn2Hk Esta campaña es conocida y antigua, el resto es historia
2
17
4
7
25K
V3n0mStrike's profile image
Ven0m @V3n0mStrike
🤖New #Cryptbot activity detected. Of course, the campaign is delivered through pirate sites with "cracked" software. 🔍Investigated website: mycrackfree.]com (with cloudflare protection) ↩️Redirects: freeinstallcpc.]xyz @namecheap -> etradistribuciones.]com -> href.]li -> somosobrasocial.]com URL that downloads the malware: hxxps://somosobrasocial.]com/quuRcHYZdQu/d3/F5Y/gMCCVo3JhfGqrc C2: hxxp://qdfourt14sr.]top/zip.php 212.]193.]57.]173 All stolen data is bundled into a zip-file that is uploaded to the c2. IP address 🇷🇺 185.]112.]83.]145 is the same for etradistribuciones.]com and somosobrasocial.]com [+] Sample in zip format: https://t.co/9XOgUManWh [+] https://t.co/IPn9rKYzul analysis https://t.co/SRaUHiBgrk
V3n0mStrike's tweet photo. 🤖New #Cryptbot activity detected. Of course, the campaign is delivered through pirate sites with "cracked" software. 🔍Investigated website: mycrackfree.]com (with cloudflare protection) ↩️Redirects: freeinstallcpc.]xyz @namecheap -> etradistribuciones.]com -> href.]li -> somosobrasocial.]com URL that downloads the malware: hxxps://somosobrasocial.]com/quuRcHYZdQu/d3/F5Y/gMCCVo3JhfGqrc C2: hxxp://qdfourt14sr.]top/zip.php 212.]193.]57.]173 All stolen data is bundled into a zip-file that is uploaded to the c2. IP address 🇷🇺 185.]112.]83.]145 is the same for etradistribuciones.]com and somosobrasocial.]com [+] Sample in zip format: https://t.co/9XOgUManWh [+] https://t.co/IPn9rKYzul analysis https://t.co/SRaUHiBgrk
3
20
9
5
5K
manokbca's profile image
DAVIDFCOSTA @manokbca
Welcome to the future! The Cryptybot collection represents an innovative vision for the years to come. This project, started in 2021, was carefully developed over an extensive period, #NFT #CRYPTBOT #CRYPTO #CRYPTONFT #NFTS @cryptocom https://t.co/e3t1NzftsN
0
4
0
0
76
H_Miser's profile image
Hash Miser @H_Miser
Igor is now helping you "activating" your unpaid Office products on hxxps://office-activator[.]com/. What a gentleman, but don't forget to disable your antivirus if you want to see your credentials stolen in your browser also... #cryptbot #infostealer
H_Miser's tweet photo. Igor is now helping you "activating" your unpaid Office products on hxxps://office-activator[.]com/. What a gentleman, but don't forget to disable your antivirus if you want to see your credentials stolen in your browser also... #cryptbot #infostealer https://t.co/j4yl7et090
0
2
0
0
1K
Gi7w0rm's profile image
Gi7w0rm Verified account @Gi7w0rm
#AgentTesla, #Amadey, #AsyncRAT, #Azorult, #BitRat, #DBatLoader, #DarkGate, #Gozi, #IcedID, #NJRat, #Prometei_v3, #QuasarRAT, #Raccoonv2, #RemcosRAT, #RedLine, #Rhadamanthys, #SystemBC, #WarzoneRAT, #XWorm, #cryptbot, #nanocore, #stealc 17/18
1
4
0
0
638
g0njxa's profile image
Who said what? Verified account @g0njxa
@LinkedIn accounts are compromised in a daily basis to join a big SEO poisoning campaign via LinkedIn Pulses. Users are then redirected to fake malicious sites where malware is being distributed, mainly #Lumma Stealer, #Cryptbot and #AMOS for Mac Users (finally found! 🍎) 👇👇
3
35
12
10
6K

Last Seen Hashtags on Sotwe

Photo
リヴァエレ
Seen from Indonesia
STF3
Seen from United States
GrammyNominatedSong
Seen from United States
nolimit()* t.co filter:videos nolimit
Seen from Ireland
taboo
Seen from Canada
Bananagirls()
Seen from Chile
TenkaIzumo
Seen from Germany
eriko miura
Seen from Indonesia
humillación

Trends for you

1
Knicks
Under 10K tweets
2
Wemby
Under 10K tweets
3
Melanie
Under 10K tweets
4
#NBAFinals
Under 10K tweets
5
San Antonio
Under 10K tweets
6
Beatriz
Under 10K tweets
7
Richard Jefferson
Under 10K tweets
8
#OPLive
Under 10K tweets
9
Tifa
Under 10K tweets
10
FMVP
Under 10K tweets

Most Popular Users

elonmusk's profile image
1
Elon Musk Verified account
@elonmusk
240.1M followers
barackobama's profile image
2
Barack Obama Verified account
@barackobama
119.3M followers
realdonaldtrump's profile image
3
Donald J. Trump Verified account
@realdonaldtrump
111.6M followers
cristiano's profile image
4
Cristiano Ronaldo Verified account
@cristiano
108.9M followers
narendramodi's profile image
5
Narendra Modi Verified account
@narendramodi
107M followers
rihanna's profile image
6
Rihanna Verified account
@rihanna
97.3M followers
nasa's profile image
7
NASA Verified account
@nasa
92.1M followers
justinbieber's profile image
8
Justin Bieber Verified account
@justinbieber
90.6M followers
katyperry's profile image
9
KATY PERRY Verified account
@katyperry
86.8M followers
taylorswift13's profile image
10
Taylor Swift Verified account
@taylorswift13
80.6M followers
ladygaga's profile image
11
Lady Gaga Verified account
@ladygaga
72.2M followers
kimkardashian's profile image
12
Kim Kardashian Verified account
@kimkardashian
69.4M followers
youtube's profile image
13
YouTube Verified account
@youtube
68.6M followers
imvkohli's profile image
14
Virat Kohli Verified account
@imvkohli
68.5M followers
billgates's profile image
15
Bill Gates Verified account
@billgates
63.4M followers
theellenshow's profile image
16
The Ellen Show
@theellenshow
62.5M followers
cnn's profile image
17
CNN Verified account
@cnn
61.9M followers
neymarjr's profile image
18
Neymar Jr Verified account
@neymarjr
61.1M followers
x's profile image
19
X Verified account
@x
60.9M followers
selenagomez's profile image
20
Selena Gomez Verified account
@selenagomez
59.9M followers