#KEYPLUG - Twitter Hashtag

Szabolcs Schmidt

@smica83

over 1 year ago

#KEYPLUG sample uploaded @abuse_ch https://t.co/ux4eqjUsor @JAMESWT_MHT

Cyber Team

@Cyberteam008

over 1 year ago

Linux variant of #KEYPLUG Backdoor File: ntpd.txt MD5: bade128898469a64827d5dada62d287d POST C2: 47.243.194[.]21:443 cloud[.]googleapi[.]computer #Malware #ioc #ELFSHELL #APT41

0

36

13

21

9K

0

15

3

2

2K

Cyber Team

@Cyberteam008

over 1 year ago

Linux variant of #KEYPLUG Backdoor File: ntpd.txt MD5: bade128898469a64827d5dada62d287d POST C2: 47.243.194[.]21:443 cloud[.]googleapi[.]computer #Malware #ioc #ELFSHELL #APT41

0

36

13

21

9K

Samir

@SBousseaden

about 2 years ago

potential #keyplug delivered via MSI (sideload rcdll.dll with very low detection in rc.dll to load encryp payload in sihclient.exe.mui) deecc7fa56d74dcf87ddf728261a1fe9a4f7a0e0d187111ab60e5b8051e59ae3 WSS://172.67.160.105:443|0|3600|/index.html|0|prod.[microsoftdirect[.com

SBousseaden's tweet photo. potential #keyplug delivered via MSI (sideload rcdll.dll with very low detection in rc.dll to load encryp payload in sihclient.exe.mui)

deecc7fa56d74dcf87ddf728261a1fe9a4f7a0e0d187111ab60e5b8051e59ae3

WSS://172.67.160.105:443|0|3600|/index.html|0|prod.[microsoftdirect[.com https://t.co/dwsP5iZ024

1

53

9

22

7K

キタきつね

@foxbook

about 2 years ago

APT41: イタリアの産業に対するKEYPLUGの脅威 APT41: THE THREAT OF KEYPLUG AGAINST ITALIAN INDUSTRIES #SecurityAffairs (May 23) #APT41 #KeyPlug #イタリア産業 #サイバースパイ #フィッシング攻撃 https://t.co/HAWs1XvXuA

0

3

1

382

Pierluigi Paganini - Security Affairs @securityaffairs

about 2 years ago

#APT41: The threat of #KeyPlug against Italian industries https://t.co/C9c36FkNAM #securityaffairs #hacking #Italy #China

3

1

0

411

Pierluigi Paganini - Security Affairs @securityaffairs

about 2 years ago

@sonoclaudio @signorina37H @nuke86 @guelfoweb Okkio alle spie cinesi #APT41: The threat of #KeyPlug against Italian industries https://t.co/C9c36Fllqk #securityaffairs #hacking #Italy #China

1

6

1

0

191

Threat Intelligence @threatintel

about 2 years ago

#ThreatProtection #Keyplug #backdoor distributed against organizations in Italy, read more about Symantec's protection: https://t.co/7zshUQ8Bhr #malware

0

2

1

2

1K

Aleksandar Milenkoski @milenkowski

over 2 years ago

[3/4] 👉Sandman’s #LuaDream and the #KEYPLUG backdoors observed co-existing in the same environments 👉Sandman and STORM-0866/Red Dev 40 share infrastructure control and management practices 👉#LuaDream and #KEYPLUG suggest shared dev practices and functional requirements

1

5

1

0

4K

Vault Security 🍃 @VaulterVS

about 3 years ago

Chinese Hackers Using KEYPLUG Backdoor to Attack Windows & Linux Systems https://t.co/CH2WiILcnH #Chinese #backdoor #Linux #windows #keyplug #cybersecurity #cyberattack #cybercrime

0

2

3

0

171

OpenSpring @OpenSpringES

about 3 years ago

Un grupo de actividad de amenazas patrocinado por el estado chino 🇨🇳 rastreado como #RedGolf se ha atribuido al uso de una puerta trasera personalizada de #Windows y #Linux llamada #KEYPLUG. #OpenSpring #ciberseguridad @TheHackersNews https://t.co/SlSYapoeu3

0

6

3

0

87

The Hacker News @TheHackersNews

about 3 years ago

RedGolf, a highly-likely Chinese state-sponsored threat group, is using a new custom backdoor called #KEYPLUG to target multiple sectors, including US government entities. Learn more: https://t.co/KwQG5aLt7x #infosec #cybersecurity #hacking #malware

0

38

26

6

28K

3ackd0or @3ackd0or

about 3 years ago

#RedGolf, a highly-likely #Chinese state-sponsored threat group, is using a new custom #3ackd0or called #KEYPLUG to target multiple sectors, including #US government entities. #CyberSecurity #HackerNews Learn more: https://t.co/0wtltx99bp

0

10

1

0

830

Mohit Kumar

@unix_root

about 3 years ago

RedGolf, a highly-likely Chinese state-sponsored threat group, is using a new custom backdoor called #KEYPLUG to target multiple sectors, including US government entities. Learn more: https://t.co/Jvd758zGmw #infosec #cybersecurity #hacking #malware

0

3

0

560

Swati Khandelwal

@Swati_THN

about 3 years ago

RedGolf, a highly-likely Chinese state-sponsored threat group, is using a new custom backdoor called #KEYPLUG to target multiple sectors, including US government entities. Learn more: https://t.co/a9GO5xUhvh #infosec #cybersecurity #hacking #malware

0

3

2

816

The Hacker News @TheHackersNews

about 3 years ago

RedGolf, a highly-likely Chinese state-sponsored threat group, is using a new custom backdoor called #KEYPLUG to target multiple sectors, including US government entities. Learn more: https://t.co/KwQG5aKVhZ #infosec #cybersecurity #hacking #malware

1

25

20

2

18K

Recorded Future @RecordedFuture

about 3 years ago

Insikt Group examines activity attributed to likely Chinese state-sponsored actor, #RedGolf (also known as APT41/BARIUM) targeting victims with #KEYPLUG malware. Orgs of strategic interest to the Chinese govt and security services are at increased risk. https://t.co/lA9EpNcxu3

0

8

13

1

2K

Van @Wanna_VanTa

over 3 years ago

Along with deploying their malware on these servers, we found evidence of them tampering with DNS configurations to capture backend API auth requests to these applications. To do this, they first deployed the LINUX variant of #KEYPLUG on these servers.

1

11

1

0

Dan Perez

@MrDanPerez

over 4 years ago

Boy does #APT41 love their passive backdoors...makes it easy to blend into normal traffic...#KEYPLUG #LOWKEY

0

6

0

Dan Perez

@MrDanPerez

over 4 years ago

Even utilizing some of their "newer" tools like #KEYPLUG which has an active and a passive variant, but also uses dead drops on legitimate community sites...something they've done historically

MrDanPerez's tweet photo. Even utilizing some of their "newer" tools like #KEYPLUG which has an active and a passive variant, but also uses dead drops on legitimate community sites...something they've done historically https://t.co/TRH8McsS3N

1

5

0

Top Tweets for #KEYPLUG

Last Seen Hashtags on Sotwe

Trends for you

Most Popular Users