PhatomCandle ThreatIntel

162 posts

PhatomCandle ThreatIntel

@phatomcandle

Malware Threat Intel,Let's see what is beyond the moutain

Sumali Temmuz 2025

97 Sinusundan124 Mga Tagasunod

PhatomCandle ThreatIntel@phatomcandle·16h

#MuddyWater #C2 #APT #Malware #IOC #ThreatIntel daily hunting 92[.]243[.]65[.]243

English

149

PhatomCandle ThreatIntel@phatomcandle·1d

#MuddyWater #C2 #APT #Malware #IOC #ThreatIntel daily hunting web27[.]info 38[.]180[.]239[.]161

English

PhatomCandle ThreatIntel@phatomcandle·2d

#MuddyWater #C2 #APT #Malware #IOC #ThreatIntel daily hunting 38[.]180[.]239[.]161 web27[.]info

English

PhatomCandle ThreatIntel@phatomcandle·3d

#MuddyWater #C2 #APT #Malware #IOC #ThreatIntel daily hunting 185[.]76[.]79[.]125

English

343

PhatomCandle ThreatIntel@phatomcandle·4d

#MuddyWater #C2 #APT #Malware #IOC #ThreatIntel daily hunting phoneaccessory[.]site 172[.]67[.]151[.]208

English

180

PhatomCandle ThreatIntel@phatomcandle·5d

#MuddyWater #C2 #APT #Malware #IOC #ThreatIntel daily hunting formacja[.]info 104[.]21[.]58[.]50

Polski

174

PhatomCandle ThreatIntel@phatomcandle·6d

#C2 #SneakyChef #APT #SpiceRAT #Malware #IOC #ThreatIntel daily hunting 31[.]58[.]220[.]250

English

939

PhatomCandle ThreatIntel@phatomcandle·25 Nis

#Kimsuky #C2 #APT #Malware #IOC #ThreatIntel daily hunting bigfile[.]navcloudstorage[.]n-e[.]kr 163[.]245[.]215[.]46

English

813

PhatomCandle ThreatIntel@phatomcandle·24 Nis

#Kimsuky #C2 #APT #Malware #IOC #ThreatIntel daily hunting auth[.]hrstrotage[.]n-e[.]kr 163[.]245[.]215[.]46

English

1.3K

PhatomCandle ThreatIntel@phatomcandle·24 Nis

@jo3rg @skocherhan Yup,so we write suspected, but we think it is targeted attack,not advaced

English

▂▃▅▇█▓▒░ ░▒▓█▇▅▃▂@jo3rg·24 Nis

@phatomcandle @skocherhan What gives away the APT attribution? On the first sight this doesn't look super sophisticated

English

PhatomCandle ThreatIntel@phatomcandle·24 Nis

#APT #ThreatIntel #cybersecurity #cyberattack Multi-Stage Cyber Campaign Targeting Tunisian Government and French Healthcare Infrastructure with Suspected State-Sponsored Attack Activity,check our new blog @phatomcandle/attack-campaign-tunisian-gov-database-breached-french-healthcare-data-stolen-5f599e70deda" target="_blank" rel="nofollow noopener">medium.com/@phatomcandle/…

English

496

PhatomCandle ThreatIntel@phatomcandle·23 Nis

#Kimsuky #C2 #APT #Malware #IOC #ThreatIntel daily hunting nid[.]navmercorp[.]n-e[.]kr 163[.]245[.]215[.]46

Filipino

362

PhatomCandle ThreatIntel@phatomcandle·22 Nis

#Kimsuky #C2 #APT #Malware #IOC #ThreatIntel daily hunting nhls[.]o-r[.]kr 163[.]245[.]215[.]46

English

487

PhatomCandle ThreatIntel@phatomcandle·21 Nis

#Kimsuky #C2 #APT #Malware #IOC #ThreatIntel daily hunting 118[.]194[.]248[.]246

English

788

PhatomCandle ThreatIntel@phatomcandle·20 Nis

#SideWinder #APT #APT_Generic #Malware #IOC #ThreatIntel daily hunting 5d3b047763978146399cfe8c604b3d296e6b723bfd39adb4eb34c89c61231f07 1e875808f35b90d3ef5f81b0659a2452

Filipino

251

PhatomCandle ThreatIntel@phatomcandle·8 Nis

#APT #C2 #EtherRAT #IOC #ThreatIntel #Lazarus something interesting about suspect DPRK threatactors targeting IT professionals，fake RDCMan/DelProf2/Procmon/PsTools/Autologon which maybe in malicious github repo ,check our blog @phatomcandle/spoofed-it-tools-distribute-etherrat-in-highly-stealthy-campaign-suspected-linked-to-dprk-apt-1aa6beab7dcb" target="_blank" rel="nofollow noopener">medium.com/@phatomcandle/…

English

1.3K

PhatomCandle ThreatIntel@phatomcandle·6 Nis

#C2 #DCRat #Malware #IOC #ThreatIntel daily hunting 185[.]221[.]213[.]35

English

159

PhatomCandle ThreatIntel@phatomcandle·5 Nis

#C2 #CobaltStrike #Malware #IOC #ThreatIntel daily hunting 44[.]212[.]191[.]1

English

139

PhatomCandle ThreatIntel@phatomcandle·4 Nis

#AsyncRAT #Malware #IOC #ThreatIntel daily hunting 104[.]243[.]248[.]63