Compromise Notifier @YouMayBeHacked
Formerly a THL service. Joined February 2016-
Tweets5K
-
Followers3K
-
Following0
-
Likes51
.@rzss may want to change some passwords. kmacdonald@rzss.org.uk:G*FT*HOP it@rzss.org.uk:*dinburgh*oo jkaden@rzss.org.uk:*oo*ab1 #infosec #phishing
.@easyJet might want to close this: easyjetdev.s3-external-1.amazonaws.com #aws
.@AstraZeneca might want to close this one. …azenecadev.s3-sa-east-1.amazonaws.com #aws
.@ITV might want to close this itvmedia.s3-external-1.amazonaws.com #AWS
@fumik0_ @cocaman @Anti_Expl0it @hexlax hash ba321ad38f1d52cc0a8b94807fda8ff7 and 29c5871b8685a838a896f7f632871b06 on @mal_share also cc @YouMayBeHacked
.@BATpress seriously though. [email protected]:$2a$08$0XjdIWDNzE6iScn9mj1lWe290eucBhu3JbcLkPRPOB1i/wJ6SPrmi compromised account.
.@BATpress somebody has a sense of humour. Might want to clear your Domino directory out. [email protected]:$826y4$31226$dZbD2cf3eZ3Dblem4N0zcEcx2N4T1I8x7Z7TfF6iaY2OcI950zbMRsphrWnDxtlvPoHV.btS.scmEW2 (Salt: 9df60c63b1fe96eb69f5fd8f5f10f228)
@James_inthe_box @YouMayBeHacked Another one: http://1bitofpeace .blog/business.exe Distributed via malspam hitting US mailboxes 🇺🇸 ZIP -> DOC -> payload via URL DOC: bazaar.abuse.ch/sample/88e06c9… Payload URL: urlhaus.abuse.ch/url/382451/
exe drop: https://phoenixhcg[.]org/business.exe cc @YouMayBeHacked (miss you Jay).
Update: x.com/malwrhuntertea…
To properly understand the above tweet: he did a lot alone himself. He did a lot with others. And he did a lot with us. So he did a lot, 3 times. Of those 3 "each one is more enough than the other".
Big thanks goes to him also for starting @Cryptolaemus1. x.com/cryptolaemus1/…
Big thanks goes to him also for starting @Cryptolaemus1. x.com/cryptolaemus1/…
If you combine his work on #Emotet, #phishing, #asprox, #hancitor among other malware in addition to his compromise notification service @YouMayBeHacked, he has put thousands of hrs into his personal crusade against bad actors! We all owe him a great big thanks for his work!
. @ONK_Doetinchem your website is compromised. oostnederlandskamerkoor[.]nl/wp-content/plugins/press-elements/libs/twentytwenty/puyo/[email protected] #phishing
. @StepUpMarketin your website is compromised. teamstepup[.]com/wedrive/27301/[email protected] teamstepup[.]com/wedrive/27301/yi6cfb1a049hgrtdl8xpqzm2.php #phishing
. @gacpbs your website is compromised. gacpbs[.]com/opav/[email protected] #phishing redirector
. @TheLightEvents your website is compromised. thelightevents[.]ro/oldsite/styles/cs/aol-2D3/ thelightevents[.]ro/oldsite/styles/oww/ #phishing x.com/james_inthe_bo…
. @TheLightEvents your website is compromised. thelightevents[.]ro/oldsite/styles/cs/aol-2D3/ thelightevents[.]ro/oldsite/styles/oww/ #phishing x.com/james_inthe_bo…
. @colbie_watson your website is compromised. colbiewatson[.]com/wp-admin/oauth04/redirect/[email protected] #phishing redirector
. @DJmixers_co your website is compromised. djmixers[.]co/bin_hRFbZbb24.bin #malware
SwiftOnSecurity @SwiftOnSecurity
403K Followers 9K Following computer security person. former helpdesk.MalwareHunterTeam @malwrhunterteam
219K Followers 36 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.Jake Williams @MalwareJake
131K Followers 2K Following Breaker of software | GSE #150 | CTI/DFIR | @ians_security faculty | Bookings: jake at malwarejake dot com | He/himGi7w0rm @Gi7w0rm
14K Followers 677 Following Threat Intelligence and #URINT Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8pJames @James_inthe_box
21K Followers 438 FollowingDonMonkei @KontraSkynet
13 Followers 544 FollowingYusuf Nashir @Ysfnashir
21 Followers 132 Following Semua sudah diatur oleh Tuhan. Jalani yang ada saat ini dan tuntaskan apa yang telah dimulai.a solitary soul thriv.. @0xsuperdemon
141 Followers 2K Following Unreadiness to following, reluctant to followers. A visionary path treader, rethinker, and on a second thought life overwhelms me, I do not know anything, AMA!De_isberg @Deberg2022
174 Followers 4K FollowingMeric Sheehan @p0tat033s
48 Followers 180 FollowingThe Eighth Life @TheEighthLife_
0 Followers 53 FollowingBaba TheCortex @BabaTheCortex
37 Followers 900 Following Devotee of #Adya, #MaaKali, #Tara, #LordShiva, #MercuryWarrior. Ex-Cyber/Forensics/AI, Trying to execute 'whoami' #StegoGuy #Mechanicf1h3 @f1h3__
7 Followers 35 FollowingDiscoSecque @Discosecque
72 Followers 132 Followingth_monkey @trickster_hunt
47 Followers 497 Followingseasmonikty @seasmonikty
26 Followers 271 FollowingIN by Elena Marin @inforinvestment
396 Followers 1K FollowingBob Henry @BobHenr16996453
45 Followers 71 FollowingTH SIJ @th_sij
53 Followers 392 FollowingSam Kutos @SamKutos
2 Followers 35 Followingemacs_hacker @philohack_
149 Followers 3K FollowingFront Stories @eFrontStory
434 Followers 5K Following USA : is the Empire of Lies and Propaganda #FreePalestine 🇵🇸 Lost in Time! #long_live_RussiaLomholt @glomholt
32 Followers 183 Followingamr ahmed esam @amro_esam
593 Followers 5K Following I am just a person ,working as Technical Lead , Seeking to share Knowledge , experience 20 years in industryGiantEel @GiantEel_
233 Followers 5K FollowingJohn Thomas @JohnTho0012
33 Followers 257 FollowingCYGEEKPWN @cygeekpwn
81 Followers 988 Following. @XR78FZ1
44 Followers 3K FollowingDracule Mihawk @4Dracule4
15 Followers 276 Followingİlteriş Kaan Pehliv.. @IlterisPehlivan
0 Followers 4K FollowingBdak @BdakinCTI
26 Followers 217 Following CTI analyst, darknet researcher, BsC in Cyber Security. Opinions are my own.Richey Ward 🇪🇺�.. @richeyward
577 Followers 1K Followingakac ⠕ @cz_aka
129 Followers 877 Following Replit Site Moderator with passion for cyber security 👾 🐘 @[email protected]mks sihpd @Xx_XHunt3rX_xX
43 Followers 914 Followingexe drop: https://phoenixhcg[.]org/business.exe cc @YouMayBeHacked (miss you Jay).
Update: x.com/malwrhuntertea…
Big thanks goes to him also for starting @Cryptolaemus1. x.com/cryptolaemus1/…
:( very sad to see THL leave us! THL started this group and has been a major contributor to the fight against #emotet spending hundreds of hours in this fight as well as other malware. This group would not exist with out him. We have lost a major fighter in the good fight!
To properly understand the above tweet: he did a lot alone himself. He did a lot with others. And he did a lot with us. So he did a lot, 3 times. Of those 3 "each one is more enough than the other".
If you combine his work on #Emotet, #phishing, #asprox, #hancitor among other malware in addition to his compromise notification service @YouMayBeHacked, he has put thousands of hrs into his personal crusade against bad actors! We all owe him a great big thanks for his work!
O365 Credential #phishing URL(https): /www.platinumhealthmd.com/ttalk-03-04-2020/vzwsms/ @Spam404Online @PhishKitTracker @ActorExpose @PhishStats @PhishingAi @YouMayBeHacked @illegalFawn @nullcookies
@Spotify #phishing URL(https): /qualitexgroup.com/wp-admin/update.php EffectiveURL(https): /roosdesignconsulting.com/wp-content/Update/-/ @Spam404Online @ActorExpose @YouMayBeHacked @PhishStats @PhishingAi @PhishKitTracker @nullcookies @illegalFawn @JayTHL @malwrhunterteam
@YouMayBeHacked @JoRowlingNet related #malware on anyrun #nanocore payload app.any.run/tasks/a292794d… c2 adikaremix.duckdns org:1790
@YouMayBeHacked Thank you for the heads up. We are looking into it now 🙏
@YouMayBeHacked @arivalayam Verified account with 300k followers: not bad...
@YouMayBeHacked Thanks. I think we got it removed.
@YouMayBeHacked @TPPKKDepok Thanks, I will alert my Indo counterpart on this issue.
@YouMayBeHacked Thanks for this, we are looking into it
@YouMayBeHacked @TomasOleksak Wordpress version compromised?...
@BiomedikU your website is compromised and is hosting a @netflix phishing site, see details on @urlscanio urlscan.io/result/00bd218… cc @YouMayBeHacked