I've been busy in the past weeks coding on a new project. Finally, here it is:
Introducing Malwarebazaar!
abuse.ch/blog/introduci…
👉 bazaar.abuse.ch
#sharingiscaring
abuse.ch
Fighting malware and botnets
- We are excited to announce the launch of our most recent platform: YARAify 🥳 Blog post: 👉 abuse.ch/blog/introduci… YARAify platform: 👉 yaraify.abuse.ch Top features:
  - Live hunt over a large file set
  - Deploy & share your YARA rules in a structured way
  - Extensive API
- URLhaus adds more pressure on threat actors that are abusing the domain name space for distributing malware 👮 Today, we started to notify domain registrars and registries about domains that have been set up by threat actors for the sole purpose of distributing malware 📩🛑
- 💥 BOOOM 💥 You can now do live malware hunting 🔥 on MalwareBazaar and get notified by email ✉️ or mobile 📱on new hits! You can hunt for:
  - Tags
  - Signatures
  - YARA rules
  - ClamAV
  - Vendor detection

  Oh, before I forget: It's completely free! 🤯 👉 bazaar.abuse.ch/hunting/
- SERVICE UPDATE | Today, Twitter has revoked our access to their authentication API. The impact is submissions to the abuse.ch platforms cannot be made. We are urgently working to find a different authentication method. Please bear with us - we'll update again
- URLhaus + Virustotal = ❤️ Virustotal is now checking URLhaus for known malware sites. Thanks @virustotal ! virustotal.com/gui/url/7460e3…
- Introducing my newest project: I got phished The goal is to notify IT-security representatives about phishing victims within their constituency 📨 👉 igotphished.abuse.ch A big thanks to @jaythl who initiated the project! 👏 For bug reports and feature requests -> DM me
- Tired of hunting for IOCs on social media and fighting with different logins across different platforms? I'm happy to announce the newest project of abuse.ch: ThreatFox! 🥳🎉 ThreatFox IOC sharing platform: threatfox.abuse.ch Blog: abuse.ch/blog/introduci…
- #Emotet has almost doubled its botnet C2 infrastructure in the past 24 hours from 8 active C2s yesterday to 14 active C2s today 🔥🪲 We have also observed an increase of Emotet malspam today 📩 It seems to be very clear that Emotet is firing up its activity! 💥 Be prepared! 🛡️
- The major outage of Facebook, Instagram and WhatsApp apparently causes problems at DNS providers too as the corresponding apps are hammering their resolvers hard 🔥 Facebook is down and the whole internet is having troubles 🤡 Current service status @AdGuard DNS:
- Quak 🦆! Goodbye #Qakbot, I hope we won't see you ever again 👋. And this is how it looks like from Feodo Tracker's perspective ⬇️. All #botnet C2s are offline 🛑 feodotracker.abuse.ch/browse/qakbot/ Tango down! 💪Qakbot 🦆🤖 takedown!!! Qakbot has been disrupted and dismantled by the FBI following a multinational effort. We will be assisting with the remediation - more info to follow... #malware #takedown #qakbot fbi.gov/news/stories/f…
- Some IOCs related to #Log4j (CVE-2021-44228) and the relevant #Kinsing and #Mirai botnets exploiting it are available here 👇👇👇 Payload URLs (nuking in progress 💣): 🌎 urlhaus.abuse.ch/browse/tag/log… Payloads: 📄 bazaar.abuse.ch/browse/tag/log… Botnet C2s: 🔥 threatfox.abuse.ch/browse/tag/log…
- Have you checked out the new hunting tool yet? We may have mentioned it once or twice already! 😂 And, here it is again! 🔎 Just enter an IPv4, domain, URL, or file hash, and instantly see if it’s been identified on URLhaus, MalwareBazaar, ThreatFox, or YARAify - with just one