iamdeadlyz
@Iamdeadlyz
Followers
6,165
Following
3,563
Media
1,225
Statuses
10,658
Explore trending content on Musk Viewer
Jesus is Lord
• 124219 Tweets
River
• 112733 Tweets
Franco
• 67261 Tweets
ebony
• 38683 Tweets
自民党本部
• 37601 Tweets
#SmackDown
• 36221 Tweets
gracie
• 34421 Tweets
Duke
• 32956 Tweets
首相官邸
• 31101 Tweets
Colapinto
• 30026 Tweets
Game 6
• 29590 Tweets
Undertaker
• 25548 Tweets
Botafogo
• 23496 Tweets
STREAM PARTY EXPRESS
• 22255 Tweets
GALA EN HAVEN
• 19656 Tweets
Florida State
• 17390 Tweets
Pinned Tweet
Since publishing the findings about PureLand, it has rebranded to Pearl Land Metaverse. Following that, several fake blockchain game projects were launched by malicious actors to distribute
#RedLineStealer
and
#RealstStealer
- a new macOS infostealer.
17
41
108
1/
Was checking the NFTs at the hidden tab in OpenSea when I found out that one of them is actually an ongoing scam resulting in $1.7M+ stolen assets.
9
28
87
😊🙌
@Daily_ICX
as the
#1
influencer!
Thank you for the support fellow ICONists~
#ff
Over the last month there have been 29,586,192 total ICON social engagements, an increase of 12.4% vs. last month. Top $icx influencers include:
@Daily_ICX
@cryptosommelier
@minhokim
@MindYourCoins
@ecossexrp1
@coreycosta123
@PlutusCrypto
@adflondon
😎
8
22
63
7
17
56
One of
@TheSandboxGame
's employees was compromised and sent out emails linking to a new project called PureLand
As usual, with the fake p2e game projects, it has
#RedLineStealer
. And to my surprise, an unknown stealer for macOS
Let's take a look at it 🧵
6
30
68
1/
Cthulhu World
CWorldP2E (id: 1559535183753367552)
/cthulhu-world.com
#RaccoonStealer
,
#AsyncRAT
, &
#RedLineStealer
pieces of malware in one fake P2E game project.
Armed with several alt accounts for setting the bait...
5
34
61
Speedrun
@crypto_unicorns
$RBW drop claiming + staking + any% + real world + world record 👑
Join us at ;3
#CryptoUnicornsGoldenTicketEvent
- Iamdeadlyz | YGG
#3884
(214319255653580800)
7
10
63
#CSGOgiveaway
P2000 | Fire Elemental
Requirements:
-Follow me
-RT
-Like this comment and reply proof
Ends
@300Likes
29
73
51
This thread by
@oscarxferral
is interesting
Decided to examine it further...and here's the execution chain:
PDF (dropper, using CVE-2023-27363) > .hta (persisting via startup folder) > .exe >
#Stealc
infostealer
A bit more in-depth with IOCs at
New scam/threat actor alert! ⚠️
TL;DR: Do not open PDF files from unknown sources.
Here's what happened:
1/🧵
Two days ago, the threat actor
@1pablo_eth1
followed me and messaged me to talk about projects. The threat actor pretends to be the Community Manager of
43
63
188
4
19
48
1
2
51
ICONLOOP, ICON $ICX, and MyID alliance have the following:
✅ Best and reliable partnerships so far in the crypto and blockchain industry
✅ Great community
✅ Undervalued token price!
If you're not in yet, then ¯\_(ツ)_/¯
Source:
@helloiconworld
#ICON
I'd like to share
#MyID
Alliance Newsletter (MAY)
"Our attitude toward post corona + Introduction of new partners"
- Original letter(kr) :
- Translated letter :
1
25
80
0
10
48
Paano ba mag stake at bumoto sa ICON ($ICX)? Basahin at alamin sa artikulong ito 🧐
Sali na sa ating telegram channel:
#ICON
#ICX
@helloiconworld
@POSBakerz
@Daily_ICX
4
22
35
.
@PREMINT_NFT
has been compromised ⚠
payload loaded from /s3-redwood-labs-premint-xyz.com/cdn.min.js?v={epochTimeInMs}
🚩
@etherscan
0x4eD07767e70199F2423dC67FDE6802C1E7D06cA1
0x4499bac5B15321b6fcD6Faf781Be8ae96EAAFeEf
@dubstard
@sniko_
@phishunt_io
3
27
39
🙌 MAC-10 (48hr)
✅RT + Follow me +
@gamebotsc
✅ENTER
✅TAP "Get Started"
#CSGOgiveaway
Join now ~^-^~
11
45
33
@ShitcoinSherpa
That is
@phantom
's injected code 😂
Just because there's a "drain", it does not indicate malicious activity immediately
1
1
38
#CSGOgiveaway
Sawed-Off | Serenity MW
To enter:
-Follow me +
@DD24_Csgo
-RT+Like
-Reply "Restricted" and tag 3 friends
Ends in 2 days~
22
27
24
1/4
Interesting smart contract case 👀
Retrieve JS from smart contract > fake update via iframe -
#ClearFake
@joy_dragon
🚩
@bscscan
0x7f36D9292e7c70A204faCC2d255475A861487c60
Deployer: 0xfc1fE66FB63c542A3e4D45305DaB196E5EcA222A
@DuneAnalytics
query:
🛑 Nueva campaña de
#ClearFake
ahora en perfecto español y a través de sitio e-Commerce Chileno 🇨🇱 comprometido.
Investigación junto a
@joy_dragon
💪
1.- Usuario visita sitio comprometido (
#WateringHole
) ↓
2.- Carga Binance Smart Chain (
#blockchain
) ↓
3.- Muestra 'Fake
4
30
65
4
7
30
Thanks for the meeting fellow P-reps 🙂
@radiofriendly12
@POSBakerz
@CatalystNode
@coreycosta123
@eublockmove
@infiniteloopinf
@RhizomeICX
@IconbetP
ICON Chicago
@espanicon
#ICON
$ICX
1
5
27
Flash giveaway~ 1 Steam CD-Key
Req.
-RT & Like
-Follow me,
@DD24_Csgo
,
@EdvinasNOR
-Share post in fb
Ends in 30 mins~
9
19
22
LFG!!! Thank you for the founders badge
@crypto_unicorns
! Honored to have this one~ 🤝
Great work (as always) with the new claiming feature
@Moonstreamto
@zomglings
😎
2
2
29
1/
Two-in-one: Wallet drainer &
#NetSupportRAT
Mass mentions & DMs to lure ->
@jobjobsjob
(82226526)
/pokemoncards-nft.com
Notif to: 195.133.197[.]185
🚩
@etherscan
0xaAcCa4Ed989A3508d37e2432ADE900B8Ce657d2F
has back-and-forth txs: 0xE497Dc4cDCCbE258968A65dEBbe2006d3B3Ad15f
3
7
22
@playSHRAPNEL
@UnrealEngine
Easter egg! The coordinates of this player, 33°49'26.9"S 151°05'26.0"E, are located near the studio,
@realplasticwax
, which collaborated with Shrapnel to produce the trailer~
Insane trailer! 🔥🔥🔥
3
2
25
The gif says it all ~(˘▾˘~)
$ICX
$ICX governing a billion-dollar layer one ecosystem is just the start
What happens when $ICX is governing and securing billions in cross-chain liquidity 🤔
#AggregatorChain
#ICONProject
#BTP
38
190
670
0
3
23
First wallet drainer I've seen having a non-hardcoded wallet address to be used for unlimited approval. New wallet is generated for every call
/tether.legal
C&C: /securedbackend.com
hxxps[://]securedbackend[.]com/backend/getAddress?network=ETH&refId=undefined&walletId=undefined
2
2
22
1/2
Earlier today,
@SKYserves
, an official account by SKY Cable Corporation, was compromised and impersonated as
@DeBankDeFi
. The attacker leveraged this to deliver
#RaccoonStealer
Bitly URL shortener -> IP logger -> Google Drive
Uploader: ethereumimpulse
@gmail
.com
Hi
@rapplerdotcom
@inquirerdotnet
Can you pls confirm guys, if
@SKYserves
got hacked? That's their official Twitter account but it seems to show other organizations’ activity.
It still show their previous tweets about the broadband business though.
7
2
12
3
10
24
Fake
@circle
email -> wallet drainer
"Circle: Redemptions at a 1:1 USD rate for $USDC Have Opened"
/redeem-circle.com
/usdc-circle.com
C&C: /pingpongtool.xyz
0xa564b4ae325518b9365B529CDa5F237f6C08dD69 (
@realScamSniffer
flagged)
0x0B310CcD59DBADD4a65E8b2833ac64EAc1E66926
1
10
23
1/
Redline stealer
#malware
⚠
impersonating
@ayzdcom
30b9606ff61d82a452898800f25bcf257f6d643aa165c177db64a87a0cc875fd
C&C: 185.106.92.91
@dubstard
@sniko_
@ActorExpose
@JAMESWT_MHT
@PhishFort
@phishunt_io
@JAMESWT_MHT
@malwrhunterteam
4
9
21
6/
The unknown macOS stealer is an interesting one since it is new.
When trying to run the application after the installation, a prompt asks for the password to access "Chrome Safe Storage." That alone should be a red flag.
It targets Chrome Login Data and crypto wallets
3
4
20
The write-up is more detailed, though here are some takeaways.
A total of 9 fake blockchain game projects were launched to lure people into running the malware. The lures were still the same, such as looking for beta testers, giving out access codes, hiring artists, etc.
2
1
19
2
2
16
@0xAstral
@zerion_io
Heads up
@Darrenlautf
, not sure if you do verification for the job ads, but this went under your radar
0
0
20
Someone tried to infect me with
#RaccoonStealer
🦝
@0xMuah
- 2728174460
nftm1nds (Astrient) on Telegram
Bio: Astrient | 28 y.o. | CEO SpaceNFT | SOL ETH BNB
Lures via DM; asking to be their artist for their NFT project. Makes sure that their target has Microsoft Word, lol.
2
6
17
Another catto to my collection 😻
Thank you and congrats on the successful collection launch
@sheep20220301
!~
4
3
18
#CSGOgiveaway
just a small giveaway :3
P250 | Valence
To enter
-RT
-Like
-Follow me &
@DD24_Csgo
-Reply, tag 3 friends
Ends in 2 days :3
11
13
13
Congrats for the 5th P-rep community meeting 🥳
Good thing we prevented the Zoom bombing haha
@ubikcapital
@StakinOfficial
@RhizomeICX
@piconbello
@everstake_pool
@CatalystNode
@espanicon
@holaicon
@IconbetP
@IconPilipinas
@ICONationTeam
@PREP_ICONPLUS
@MillstoneGlobal
0
8
17
#Phishing
⚠
🎯
@TrustWallet
☣/databreach-trustwallet.com
🌐
@regru
|
@Google
AS396982 34.88.206.214
🚩 Requires mobile browser user-agent
@CryptoPhishing
@dubstard
@sniko_
@ActorExpose
@PhishFort
@phishunt_io
@illegalFawn
0
6
15
Latest updates for ICONex!
✅Android app is now updated to version 1.7.2
✅The browser extension is also updated to version 1.0.4.8
Release notes:
▶The P-reps list are now randomized!
▶Adjust the step limit automatically when using a smart contract
▶English corrections
$ICX
1
8
15
#RaccoonStealer
from otherdeed_beta (290606664)
/linktr.ee/otherdeed -> Discord CDN
ff7ce6bb4da1301b4a05577a8ca5e901d8469371686e273316362a3f50b4980f
2475b6b24c1117002dfdb64795080ea401a25a2a23e08f3e9f809dfaa01a05c1
C&C: 94.142.138[.]3:80
h/t
@cryptoShields
@1c4m3by
0
7
16
@ajdimarucot
/xeonuswallet.com
#RedLineStealer
- impersonating
@zerion_io
C&C: 167.235.233[.]35:16621
58a5377236567bde185a55ca49d8c8f6
2faeee817b7d54e020e9fc4273fe656a
fa36bab72590a739db048f2f608fcfdc
d82ba9d289a86d7e04e33645731bc178
0
6
16
Apetainz (772448933918433280) - wallet drainer
/apetainz.com
@EpikDotCom
/activity-server-logger.com
@Hostinger
🚩
@etherscan
0x4C4afb903DA669Fa2A59E949B479634299Baf8d9
0xAe8F24514BF3985BC74cF1552Df22F2180BF94Bd
🤖 backup2839592375293_bot
👤 lucileray
h/t
@cryptoShields
3
5
15
0
1
14
3/
0x33E196CD6078a633D92ddcEC5CFB9D7Fe05cBb66 is a smart contract being used to transfer the stolen assets from the victims who were tricked into confirming approval txs
@Bitquery_io
(Bloxy) for the graph
2
3
13
4/
#NetSupportRAT
www.dropbox[.]com/s/esdksc1v6akq2t5/PokemonLauncher.exe?dl=1
Uploaded by: R00TL1nK Production
6db5e6ade4347435c861220ec517e39e
C&C: arponet.duckdns[.]org:9999
-> 89.107.10[.]44/fakeurl.htm
Related finding by
@ASEC_Analysis
1
2
12
Thanks for the meeting fellow P-reps and ICONists 😄
@coreycosta123
@ubikcapital
@StakinOfficial
@ICONationTeam
@TranscranialSol
@PREP_ICONPLUS
@IconPilipinas
@IconnectG
@Paradigm_fund
@piconbello
@iconguidestar
@espanicon
@bwhli
@RhizomeICX
$ICX
#ICON
#ICONproject
1
2
14
1/
Two-in-one: serves
#WalletDrainer
&
#RedLineStealer
#malware
Impersonating
@MetaverseMiner
Fake:
@medenx_space
727398120724807680
medenx[.]space
medenx[.]space/61/Launcher.exe
medenx[.]space/61/Installer.exe
🚩
@etherscan
0x6d2d9533637b004Fa31ed388e908D064e5bbBC34
⚠️NEW P2E Malware
Stay safe out there fam, I was DM'd by this scammer via discord asking to beta test his P2E game.
Malicious Site: medenx[.]space
DNS Record Analysis:
Creation: 2022-08-31T15:23:12.0Z
Updated: 2022-09-05T15:33:10.0Z
8
43
80
1
4
11
4/
The receiver for the foundation-interview[.]app wallet drainer is 0x53EfD488038E5f8c4a922a8aD6498FA1cd7db3DA
A quick check on
@MistTrack_io
shows the flow of funds and ties to several victims, namely:
@casperdefi
,
@Cryptezz1
,
@toastpunk
,
@Kuhrak
...(there could be more)
2
2
13
Calling all
#ICON
developers! Join the bi-weekly calls by Daeki Lee -
@IcxStation
Objectives:
▶Bring awareness of individual projects
▶Push open-sourcing
▶Share tips
▶Enhance the development process
▶Communicate with
@helloiconworld
Foundation
$ICX
1
7
14
1/
NFT
#drainer
- impersonating
@RevokeCash
Fake:
@Revokedcash
ID: 1381471803504263169
/revokedapp.online
🚩
@etherscan
0xc97dDC36e15e4c98d5c19245110391eB9C97eF4f
Deployer:
0xD1f698A6ab5F7E3203Ea810CAda8D252dD6ef80a
New owner:
0x0836f05E4d3c5cbCfDFC7CbA81b4154D61aebf21
1
9
15
Fake NFT mint. Discord server compromised.⚠
🎯
@nyanheroes
☣/www.nyanheros.org
🌐
@Namecheap
🚩 SOL:
8beT2XMuQTDBJGCSdmVMrGf2J2KE8dkwyUcZgaaderzr
TA: /cryptokens.sellix.io cryptokens_tg
@CryptoPhishing
@dubstard
@sniko_
@ActorExpose
@PhishFort
@phishunt_io
4
2
12
CC
@0xToxin
@malwrhunterteam
@JAMESWT_MHT
@1ZRR4H
@0xDanielLopez
@Gi7w0rm
@LawrenceAbrams
@patrickwardle
(LuLu is a great tool!)
@philofishal
@AnFam17
@ankit_anubhav
@executemalware
@embee_research
@reecdeep
@James_inthe_box
1
0
13
Possible Android
#malware
🎯
@TrustWallet
1b3ed3acbe5e18c90cc65a532e8ef5d7a4ddb738d9763494dabe1a58c2ca3654
/trusstwallet.site
/trusstwallet.site/download/Trust.apk
@JAMESWT_MHT
@malwrhunterteam
@dubstard
@sniko_
@ActorExpose
@midnight_comms
@phishunt_io
@illegalFawn
2
9
14
2/
A fake
@TheBeeings
NFT was sent to me and hyperlinked to the scam site /thebeeings.link (
@Hostinger
@ovh_support_fr
51.222.199.226)
The scam site points to the destination address 0x33E196CD6078a633D92ddcEC5CFB9D7Fe05cBb66 (
@etherscan
pls flag)
3
1
11
.
@InfectedMob
&
@AngryDinosNFT
's Discord servers were attacked today by the same malicious actor/s
/reovke.cash
/angrydinosnft.com
🌐
@Porkbun
|
@AWSSecurityInfo
35.155.7.183
🚩
@etherscan
0xFcBED20837BB250A27342A125Ac78B4747d50082
@apiopensea
eeae1d7d4423433ab5e103905ee7cf06
3
8
13
Time flies so fast
@kookoocryptotv
✨✨✨✨
Sando Gang building the next Dubai in Lunacia w/ my neighbor
@Iamdeadlyz
🤩
@AxieInfinity
$AXS 🔷
0
5
32
1
0
12
#RaccoonStealer
🦝 - an image of
@Ledger
Live with their logo changed
Lures via Telegram - TelegWalletBot
/airs-wallets.com
-> /bit.ly/3Urgstt
-> /onedrive.live.com/download?cid=6182E9098EAB84A4&resid=6182E9098EAB84A4!134&authkey=ANuB2KcPL7wlhYI
@LedgerCybersec
@Ledger_Support
2
4
12
Grabbed a
@PurrnelopesCC
and claimed my kookoo.pcc.eth sub
@ensdomains
🔥
As my degen buddy
@Iamdeadlyz
always say, "we love the cats" 😻
Thanks
@TheShillPCC
for the assist.🙌
11
7
85
2
0
13
#WalletDrainer
- targeting multiple projects
/mgxsco.com
🚩
@mgxss_co
- 491809670
/akuworlds.com
🚩
@AkuDreamsNFTs
- 625135732
/metamansionbykey.com
/mintnftworlds.com
🚩
@etherscan
0x0e0bB0cC029C221277329552403c976e1BD176D2
C&C:
/nftpremint.org/wh.php?t=
./order.php?from=
1
4
12
@CMahalay
b53c8c528eb62819a1d6211b3b7921c58c77d458d9489d414e85cdd0f05e8f83
/metabloxel.com/BloxelLauncher.exe
likely to be
#RedLineStealer
?
@JAMESWT_MHT
@malwrhunterteam
@1ZRR4H
@milannshrestga
@StopMalvertisin
@ankit_anubhav
@TeamDreier
@th3_protoCOL
@0xToxin
2
5
13
NFT
#drainer
- impersonating
@Memeland
Fake:
@ThePotatozNFT
id: 1542710705136275457
/grow.potatoz-memesland.com
🌐
@realtime_reg
|
@Hostinger
82.180.172.227
🚩
@etherscan
0xa7a30830B1dF1347dE54773b6150f89BE5284dDf
Uses safeTransferFrom instead of setApprovalForAll
🚨 SCAM ALERT! 🚨
Please help report them to Twitter. 🙏🏻
63
165
452
2
7
10
As the malware author is actively developing this, we may see more features soon. Just days ago, VM detection was added.
1
1
11
Common fake giveaway template
/tesla-online.net
🚩
@etherscan
@bscscan
@polygonscan
0x47B82218254657E9CB099Ce99FdA789d8B925971
BTC: 16dnhXKyvmDnMGL8peMgT91u6xzJy46Z81
DOGE: DUAZvRULbEMZmJjpNujqadXpCHndG9vwrr
The
#LinusTechTips
YouTube Channel Appears to have been compromised and is hosting two live `BTC` scam livestreams
7
29
117
1
1
11
@cagyjan1
9a29fe7e8c71070f2f5cc925f485ba6f92109fd0d16688b6f816f54831d7042d
/metastaxel.com/StaxelLauncher.exe
might interest you
@JAMESWT_MHT
@malwrhunterteam
@1ZRR4H
@milannshrestga
@StopMalvertisin
@ankit_anubhav
@TeamDreier
@th3_protoCOL
@0xToxin
2
1
12
1/
#ErbiumStealer
#RedLineStealer
Lures via mass DM. Impersonating
@metaverserun
Fakes:
@metaracerwin
- 2763428037
@metaracewin
- 2365451740
Bot:
@Noellanft3
- 1578522241364393984
/metarace.win
/metaracers.win
1
7
12
Perhaps, this is the first ITW use of CVE-2023-27363?
@0xToxin
@malwrhunterteam
@JAMESWT_MHT
@1ZRR4H
@0xDanielLopez
@Gi7w0rm
@LawrenceAbrams
@AnFam17
@ankit_anubhav
@executemalware
@embee_research
@reecdeep
@James_inthe_box
@Jane_0sint
2
0
11
Fake NFT mint. Compromised Discord server.⚠
🎯
@genies
☣/geniesdrop.com
🌐
@Namecheap
🚩
@etherscan
0x0cEe5a2F50811DF70db34C647cE536bc4891FFf6
@CryptoPhishing
@CryptoScamDB
@dubstard
@sniko_
@ActorExpose
@PhishFort
@phishunt_io
4
2
11
@idclickthat
@malwrhunterteam
@ULTRAFRAUD
@dubstard
@AlvieriD
@1ZRR4H
@0xDanielLopez
@th3_protoCOL
@sekoia_io
Oh, remember the 444.exe
@1ZRR4H
? Golang, fingerprinting, and collected data... 👀
285c1f0750ac995b5ba4d1acb613f797923f1528021fed5fc087483893772b33
Though there's code reuse for Kraken, which made us think it's another variant. Interesting...
1
1
12
@zachxbt
Can't see the rest of the thread and replies...you got restricted. What's happening 😨
1
0
10
3/
Use of multiple
@Linktree_
links to present the website and Telegram
/linktr.ee/pokemon_nft
/linktr.ee/pokemon_p2e
/linktr.ee/pokemon_airdrop
-> /pokemoncards-nft.com
-> /t.me/PokemonNFTGame
1
0
8
Currently, it does two POST requests to its C&C
1 -
http://167.172.103[.]83:8080/opened
When the stealer is launched, a notif is sent to the opened endpoint
2 -
http://167.172.103[.]83:8080/analytics
To exfiltrate the gathered data, it is sent to the analytics endpoint
1
0
10
Realst Stealer is written in Rust. And as a regular infostealer, it targets the data from browsers, cryptocurrency wallets - browser extensions, Telegram, and Keychain.
1
0
10
1/
ETH & NFT
#drainer
- impersonating
@yugalabs
ATO:
@yugaIabs
(prev.
@jingmonis
)
ID: 85312852
/blog-metamask.io/articles/critical-sec-update
🚩
@etherscan
0xd13b093EAfA3878De27183388Fea7D0D2B0AbF9E
0xC1A0C058d417496e5ad26702e016d9f9dA00614E
Previously seen: fake moonbirds
1/
ETH & NFT
#drainer
- impersonating
@moonbirds
Fake:
@mooonbirds
id: 2710845495
/xn--moonbrds-xkb.com
🚩
@etherscan
0x11a2356eD527B87e502c19ac85cdCf2B12c975CC
0xd13b093EAfA3878De27183388Fea7D0D2B0AbF9E
0xd361e29c48841c40506fc6e6211f68a203ec1ef1
1
2
5
4
2
11
1/
Fake
@Collab_Land_
in the wild. Shows relation to the quoted tweet - NFT
#drainer
/asset-collab.com
🚩
@etherscan
0x36dCB078457b8A5cF71e628CF82C4A10ac85992a
0xC689a68e44cFCaca9C2B0E5A80c15639427B11b5
Abuses
@opensea
API: /api.opensea.io/api/v1/collections?asset_owner=
Fake
@Collab_Land_
at
@HarakaiNFT
's Discord server - ETH & NFT
#drainer
/verifyassets-collab.land
🌐
@GoDaddy
|
@Hostinger
82.180.128.146
🚩
@etherscan
0xF23653FedA01962D0A99F3E88d9304944203c41a
@discord
webhook used
channel_id: 994548192286883862
guild_id: 994548191741616160
1
1
7
2
5
10
6/
Aside from the wallet addresses, I was able to get the list of stolen assets, which is shown in the first part of this thread.
2
1
9
@Jon_HQ
@cometwtf
#RaccoonStealer
/founders.blessedarena.com
-> dropbox
2500c08fd3b71b6dec77f385f99821c8
exe: 778dbf5892abc9da4a18c90052e1084b
C&C: 45.153.240[.]247
@JAMESWT_MHT
@malwrhunterteam
@th3_protoCOL
@1ZRR4H
@0xToxin
@dubstard
@0xDanielLopez
@ActorExpose
0
3
11
NFT and ETH drainer ⚠
🎯
@goblintownwtf
☣/goblentown.com
🌐 |
@Cloudflare
🚩
@etherscan
0x04eE62c90FeC42D98Fc21A882DCB40De70D43166
0xAa01c987952Db328De3aEe15A06F38c7981aE8FB
@CryptoPhishing
@dubstard
@sniko_
@ActorExpose
@PhishFort
@phishunt_io
1
3
9
3/
That project is
@rworldp2e
(now
@R_WorldP2E
). As they were called out by Stark, the account changed the username lol. Here's the ID though: 1467094027480625155
It is an impersonation of the original project called
@ReptileChronic
@R_chronicls
1
1
11
1/
ETH and NFT
#drainer
from
@dloodIes
⚠
🎯
@doodles
☣/dloodles.com/raffle/
🌐
@Hostinger
82.180.174.130
🚩
@etherscan
0x64Ec1CF0f4f315e95a1DA0F113240dB4a6Ea2BAD
@opensea
@apiopensea
812924de94094476916671a8de4686ec
@dubstard
@sniko_
@ActorExpose
@PhishFort
@phishunt_io
1
5
10
1/
@AzraGames
Discord server was compromised - NFT
#drainer
/azragames.org
🌐
@Porkbun
🚩
@etherscan
0x2e454234c1f9D1Fe712D82CD2e5074e7262cf9f1
0x277Af92A3CC749573e43B62393AE30510Ea179B7
h/t
@Plumferno
for the screenshot
2
5
11
@crypto_blkbeard
@PREP_ICONPLUS
@helloiconworld
Missed one DApp there mate 😅
It's our no-loss lottery (think of it as a gamified saving too
#DeFi
) by the way:
0
0
11
@cryptoShields
@whyarewehere42
@UltiCrypto
@NFT_GOD
@0xCygaar
@0xQuit
@Server_Forge
@Jon_HQ
@Wii_Mee
Hi! Yes, it's
#RedLineStealer
7b34df389284290530d52c2120dd68770cc2b5c6dec164687294223a9715acc5
9e36d46ed59ffe9f276424cbe75b2ee5f5f164a5964acf2f59b48106fe306b12
b3472ce58423fb8546d8648f150303fe856c779cc05756ae1349965c1698866b
C&C: 142.132.179[.]117:23232
2
3
9
Isinalin galing sa
@Daily_ICX
#ICON
$ICX
1/4
📌Basahin ang pinakabagong "Contribution Proposal System" upang mas maintindihan ito -
@benny_options
➡️
📌Panoorin ang ICON bi-weekly update ng pangkat
@PREP_ICONPLUS
🔽
It's time for another bi-weekly
#ICON
News Update by the one and only
@PREP_ICONPLUS
journalist
@LayahHeilpern
!
We had a lot to catch up to, so this week's episode about the
#ICONProject
is jam-packed with a ton of news.
Worth a watch! 🔥
#ICX
$ICX
@helloiconworld
@minhokim
7
22
131
1
3
10
Android
#malware
- fake
@TrustWallet
a1cb39627383c1a400c64ec9b8a5b0c2
/trustwailet.cn
/walltetrust.com
/walltetrust.com/trustwallet.apk
/zhurf.cc/bmqx.app
Exfil /trustswallets.com
HD钱包管理系统
@JAMESWT_MHT
@malwrhunterteam
@dubstard
@ActorExpose
@midnight_comms
@phishunt_io
2
3
9
It was interesting to see a worker who goes by the handle of "MonkeyyDrainer".
Is it the same MonkeyDrainer we've known before for launching a wallet drainer as a service? Or is the worker just a big fan of Monkey? We never know...
1
0
9
@panekkkk
@Mudit__Gupta
Was able to see it when the tweet was fresh (like seconds ago). Algo just decided to: "yes,this is dangerous, no thanks ser"
3
0
9
#Phishing
⚠
Target:
@Ppostofficial
☣/junenighttask.com/PH-phlpost-i12-track-new-type/
☣/cermindomino.com/?app_vl=ZHx0l3FhjZido7mi0557fWKjqK-3wKWnnmKjY31yjpqiqZyUYpuU
AS13335
@Cloudflare
@CloudflareAbuse
cc:
@ActorExpose
@Spam404
@phishunt_io
@malwrhunterteam
@JCyberSec_
2
1
9