Tag: social media

10 Attack Reports | 0 Vulnerabilities

Attack reports

Fake Software Tutorials on TikTok Spread Vidar Stealer

Threat actors are leveraging TikTok and Instagram Reels to distribute the Vidar infostealer through fake software tutorials. Two distinct campaigns use short-form videos disguised as tutorials for unlocking premium software like Spotify. The first campaign uses accounts mimicking official Windows p…
social engineering
powershell
infostealer
vidar
social media
tiktok
2026-06-10
fake tutorials
instagram reels
Published: June 10, 2026
Downloadable IOCs: 0

Deepens Its Playbook with New Websites and Targets

CopyCop, a Russian covert influence network, has significantly expanded its operations since March 2025, creating over 300 new fictional media websites targeting various countries. The network, likely operated by John Mark Dougan with support from Russian entities, aims to undermine support for Ukr…
ukraine
disinformation
elections
social media
ai-generated content
deepfakes
2025-09-18
russian influence
political fragmentation
Published: September 18, 2025
Downloadable IOCs: 0

Targeted attacks leverage accounts on popular online platforms as C2 servers

A sophisticated cyberattack campaign targeted the Russian IT industry and other entities globally in late 2024. The attackers used social media profiles and popular websites to deliver payload information, bypassing detection methods. They employed spear phishing emails with malicious RAR archives,…
cobalt strike
cobalt strike beacon
shellcode
targeted attacks
social media
c2 communication
spear phishing
dll hijacking
2025-07-30
api obfuscation
Published: July 30, 2025
Downloadable IOCs: 2

Power Parasites: Job & Investment Scam Campaign Targets Energy Companies and Major Brands

A scam campaign dubbed 'Power Parasites' is targeting individuals in Asian countries through deceptive websites, social media groups, and Telegram channels. The campaign exploits the names and branding of global energy companies and other major brands to conduct job and investment scams. Victims ar…
phishing
social engineering
telegram
social media
investment fraud
brand impersonation
2025-04-24
job scam
Published: April 24, 2025
Downloadable IOCs: 0

Clickbait to Catastrophe: How a Fake Meta Email Leads to Password Plunder

A sophisticated phishing campaign targeting Meta Business accounts has been uncovered by the Cofense Phishing Defense Center. The attack begins with a fake Instagram alert claiming the user's ads are suspended due to policy violations. Victims are directed to a fraudulent page mimicking Meta's busi…
phishing
credential theft
meta
social media
two-factor authentication
instagram
2025-03-21
chat support
business accounts
Published: March 21, 2025
Linked vulnerabilities : CVE-2025-24071 (CVSS 7.5)
Downloadable IOCs: 5

Valentine's Day Cyber Attack Landscape: Exploiting Love Through Digital Deception

Valentine's Day 2025 has become a focal point for sophisticated cybersecurity threats, with attackers exploiting emotional vulnerabilities and seasonal shopping behaviors. A complex network of scams has emerged, including OAuth-based phishing, brand impersonation, and cryptocurrency fraud. These th…
phishing
social engineering
cryptocurrency
financial fraud
social media
e-commerce
brand impersonation
oauth
2025-02-15
valentine's day
Published: February 15, 2025
Downloadable IOCs: 0

InfoStealer Malware Attacking Meta Business Page To Steal Logins

A sophisticated malvertising campaign is distributing the SYS01 infostealer malware through Meta's advertising platform. The attackers impersonate trusted brands and popular software, targeting primarily senior male demographics. The malware, designed to steal personal data and credentials, is dist…
malvertising
powershell
infostealer
persistence
electron
credential theft
sys01
meta
social media
2024-11-04
Published: November 4, 2024
Downloadable IOCs: 26

The Dark Knight Returns: Joker malware analysis

The report details sophisticated command and control (C2) techniques employed by the APT41 threat group. APT41 uses custom malware and legitimate tools to maintain persistent access to compromised networks while evading detection. Key techniques include DNS tunneling, domain fronting, and steganogr…
evasion
steganography
dns tunneling
social media
2024-10-03
command and control
apt41
cloud services
domain fronting
Published: October 3, 2024
Downloadable IOCs: 8

Disrupting a covert Iranian influence operation

OpenAI is committed to preventing abuse and improving transparency around AI-generated content. This includes our work to detect and stop covert influence operations (IO), which try to manipulate public opinion or influence political outcomes while hiding the true identity or intentions of the acto…
social media
2024-08-16
chatgpt
storm-2035
geopolitical
ai-generated content
Published: August 16, 2024
Downloadable IOCs: 5

Mid-year Doppelganger information operations in Europe and the US

This investigation delves into information operations conducted by Russian actors known as Doppelgänger, focusing on their activities from early June to late-July 2024. It examines their tactics, associated infrastructure, and motivations, particularly in relation to the unexpected snap general ele…
disinformation
redirection
2024-07-30
elections
social media
russian actors
Published: July 30, 2024
Downloadable IOCs: 700
Click here to see more Attack Reports