Top Tweets for #SmartLoader
#Malware #SmartLoader disguised using OpenClaw-related topics
Threat actor built malicious Github repo on the basis of a legitimate one.
Report: https://t.co/sBR7XQ0ojZ
hxxp://89.169.12[.235/api/
hxxp://213.176.73[.145/api/
hxxp://213.176.73[.162/api/

.@straikerai found a #SmartLoader campaign that cloned the @OuraRing #MCP server to quietly turn a trusted integration into a supply-chain attack path.
AI agents don’t verify vendors. They follow trust chains, tools, and permissions & attackers know it.
https://t.co/CNRXUrCkBo

@malmoeb I'll do ya one better (me thinks). Got a shiny new @Apple iPadOS with a #SmartLoader problem - weird right? ( only correctly identified by @threatzone_ <3 ). Hardware-Keyed & in Lockdown Mode too.
-> Threw all the related @github and related trash URLs (still 'fanged' in the linked VT 'Summary Page' for ease of access) and included them in OTX 2096 @LevelBlueCyber
-> @grok = https://t.co/89iv1a94vA (in progress)
-> @bookingcom = https://t.co/pQNXHnuqBM (in-progress)
-> @ProtonPrivacy suite of apps = https://t.co/pQNXHnuqBM (in progress)
-> @Ubiquiti = https://t.co/cuwzuquuIa
-----
--> Have a sneaking suspicion has to do w. some combination of #MalCerts & #Certificates // #UAlberta @YourAlberta #DataBreach v g t
-----
--> Link to @virustotal Graph: https://t.co/MMeYINOGuw
cc: @userlolxxl @KulinskiArkadi

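SmartLoader malware is being distributed through projects on GitHub disguised as "game cheat"-style projects. It launches via LuaJIT and, after establishing persistence, delivers Rhadamanthys and others. AI-generated READMEs are also used to create an appearance of trust. #SmartLoader #SupplyChainThreat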
https://t.co/MaQsU6cPu4
#ThreatProtection #SmartLoader #malware delivered via Github repositories, read more about Symantec's protection: https://t.co/6g65w3ynpq
🚨#SmartLoader malware has been recently found distributing malware through GitHub repositories that mimic legitimate projects. These include game cheats, software cracks, and automation tools.
Stay cautious and always verify the source.
Read more: https://t.co/cBDMIQCd7Y

🚨 Threat actors are using a code refactoring process for #Brazilian banks as bait. A malicious Lua script (Prometheus obfuscator) was found in a suspicious github repository, ultimately delivering the #SmartLoader payload via Pastebin and GitHub. 🚫
#CyberSecurity #Malware
#SmartLoader
Only >900 Github Repository urls
https://t.co/ZqQbNqDrqq
Samples
https://t.co/Roq25fyVjh
AI-Assisted Fake #GitHub Repositories Fuel #SmartLoader and #LummaStealer Distribution
https://t.co/wupLqW29ls
🔎In recent campaigns, TAs create new #GitHub repositories populated with an AI-generated README and filled with fake backdated commits.
We also observed similar distributions via inactive repositories typically forked with a new release containing #SmartLoader ultimately added.

Following a recent @TrendMicro investigation, we found many GitHub repositories actively delivering #SmartLoader.
👽Written in Lua, this loader has been distributed since early 2024.
Check our GitHub for an additional list of IoCs that complements TM's report:
https://t.co/PnapxXzKSH
2024-10-03 (Thursday): Ongoing campaign uses #SmartLoader to push #LummaStealer as early as 2024-07-31. Kicks off infection with EXE/DLL combo with a text-based configuration file. Details at https://t.co/tiE046xSWB
#TimelyThreatIntel #Unit42ThreatIntel #IndicatorsOfCompromise

#ThreatProtection #SmartLoader Campaign and #LummaStealer Deployment. Read more: https://t.co/gckzbcAU9e #CyberSecurity #Malware #InfoStealer

#Smartloader is still being delivered on fake Github repos, currently without rule detections @EmergingThreats @Jane_0sint
Some changes in web traffic, also with an apparent check and block of sandbox environments
Detonation: 👇
https://t.co/TCGoHRnhFG

Also on #Discourse, @g0njxa tips research and @any_run analysis for #Smartloader (shout out to @herrcore as well!) - stop by and see how 2051456 (C2 activity) and 2051455 (exfil) came to be!
https://t.co/02Z4QJ7N83
#SmartLoader is now being distributed on #PrivateLoader campaigns after #Redline infections to distribute an unknown #clipper
Clipped wallets:
$BTC
bc1qzaxn62nh99df7hhfl95pga36w5gtllu234k0tl
$ETH
0xB0031EB4093516F50E4AAcFDDDfE549b36545dDc
👇👇