Notices where this attachment appears
-
Embed this notice
Brad (malware_traffic@infosec.exchange)'s status on Wednesday, 15-Jan-2025 19:38:07 JST 
Brad
From social media posts I wrote for my employer at https://www.linkedin.com/posts/unit42_kongtuke-boinc-activity-7284986403476717568-InKv/ and https://x.com/Unit42_Intel/status/1879220778173870556
2025-01-13 (Monday): Legitimate websites infected with #KongTuke script present "verify you are human" pages that ask victims to paste PowerShell script into a Run window. Lately, this has led to infections abusing the #BOINC platform. More info at: https://bit.ly/3DU2H2R
A #pcap from an example of the infection traffic and the associated files/artifacts are available at https://www.malware-traffic-analysis.net/2025/01/13/index.html
GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.
All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.