@michaelscrypt @brave im whoever controls that domain is targeting mostly non-English speaking audiences and for some reason profiling very specific groups of people w/ their spam campaigns. I've guessed it was for IP address targeting for ads but could be for other data brokering purposes. TBD!
Dang big shout out to @brave for staying on top of this 5+ year problem and coming up with a slick solution to prevent the y2u[.]be YouTube fingerprinting issue @ https://t.co/CvoWKi8sRA
Hey look, Twitter's got a problem not just on the https://t.co/eFHkH8FUa3 domain that is scraping YouTube clicks without anyone being able to tell, there are other domains like https://t.co/SAKqnF6lF4 doing the exact same damn thing, also oddly connected to Japanese audiences
It’s official: a jury found that Live Nation/Ticketmaster is a monopoly. I am so proud to have filed this case in 2024. This may be the most popular antitrust case ever. Kudos to the State AGs for finishing the job. The rule of law is alive and well.
It's one thing to collect data on us everywhere we go, but it's quite another to tie all those tidbits back to a single, unique identity (you). Today @thezedwards and Iesha White explain just how bad it is and how you can try to avoid it.
https://t.co/nzxFeTQM7B
Tune in Monday when I'll be speaking with @thezedwards and Iesha White about the massive and pervasive business of identity resolution: tying together all these little bits of pseudonymous info to YOU.
https://t.co/W3UVkNwR3K
6/ Using the full dataset I mapped out the complete organizational structure of the network, including payment totals per user and group.
The interactive org chart can be accessed here:
https://t.co/LalqNcyCjG
Password: 123456
Note: Data range is Dec 2025 through Feb 2026. Payment totals are derived from scraped transaction data and may vary slightly.
Poisonseed has successfully phished enterprise email accounts for over a year to further their crypto seed phrase poisoning attacks. 🎣 ✉️ 💸
It's been one year since @troyhunt's Mailchimp phishing incident (https://t.co/KjiX2greNs) 🧵
Join me this Friday at 11AM PT on the next @offby1security stream with @thezedwards for a session on "Tracking AI-Scaled Global Financial Fraud Threat Actors!"
https://t.co/GBkG5wXpbO
In 2022, my colleague @SGardnerReuters was on assignment in Ukraine for @Reuters when he unearthed a tantalising clue which pointed to the identity of world famous street artist Banksy. 1/7 🧵
Good reporting by @lorenzofb to confirm what we reported as a theory last week: That the highly sophisticated iPhone hacking toolkit known as Coruna, found in the hands of Russian spies and now criminal hackers, is an out-of-control US-government-funded creation. https://t.co/0HwMsZB5WB
fabulous research on FUNNULL and their ongoing supply chain attacks.
You'll hear more about FUNNULL & Triad Nexus when I present at RSA on them here in a few weeks. Definitely some alignment on the research! 👀
🧨Just back from Spring Festival. 🧨
🚨An investigation into #Funnull: Udev #persistence, AES-CBC chained IV, "Azure Blob C2", malicious #Nginx module (badnginx2s)—all quite uncommon. #IOC
And the stealthiest part is MacCMS supply-chain poisoning.
Happy hunting 🍷@Xlab_qax
Big thank you to @500mk500 for tweeting this in 2022 -- we connected these domains to an active Magecart campaign in late 2025 and just published our piece on it @ "Silent Push Uncovers New Magecart Network: Disrupting Online Shoppers Worldwide" https://t.co/84nFfJfA9e
@ValidinLLC @abuse_ch @ET_Labs @hatching_io @joe4security 91.203.192[.]227 <-- and a small pile of domains, which could be related to #Magecart :
$1T in market cap targeted since 2022. 🛡️
Excellent @FortuneMagazine piece by @AmandaGerut on the hunt for Scattered Spider. Our research with @thezedwards breaks down the pipeline behind these breaches.
Read: https://t.co/GS6xBYnHLx
Our team will be speaking more about BPHs in the coming months as we encourage more law enforcement actions and private responses to these growing challenges. Read our final 2025 White Paper "Shining a Light on the Global Bulletproof Hosting Ecosystem" @ https://t.co/LuGO7P3e4t
Today our team @silentpush released research we’ve been working on all year – a magnum opus 39-page report on the state of Bulletproof Hosting Providers.
Brief thread with some details ...
Read the report @ https://t.co/LuGO7P3e4t
Threat actors love a wild policy NiceNic has which requires 3rd parties to have a “Power of Attorney” over any brands that are mentioned on malicious infrastructure being reported by that 3rd party. Due to this, fewer registrar abuse complaints to NiceNic are successful...