Daniel López @0xDanielLopez Twitter profile | Pikagi

Pikagi

Daniel López

@0xDanielLopez

2,128

Followers

522

Following

324

Media

1,386

Statuses

Security Engineer at @Citrix | @CuratedIntel member | & @phishunt_io

Sevilla, Spain

https://t.co/6jKZ8S42Hr

Joined September 2011

Don't wanna be here? Send us removal request.

Pinned Tweet

@0xDanielLopez

Daniel López

5 months

🎉 #TweetFeed is back! 🎉 After some months, I could bring it back to life again! Easily grab IOCs shared by the #infosec community at 𝕏 / Twitter: • URLs • Domains • IPs • SHA256 hashes • MD5 hashes All served in a FREE feed or via API. ➡️

Tweet card media

Feeds with IOCs shared by infosec community - TweetFeed.live

TweetFeed collects Indicators Of Compromise (IOCs) shared at 𝕏/Twitter.

@fr0gger_

Thomas Roccia 🤘

5 months

Pretty cool TweetFeed is back and you can also use it with #OpenCTI 🤩 Amazing work by @0xDanielLopez 🔥

Tweet media one

6

43

166

4

39

118

Last Seen Profiles

@owlgrowl_0v0_

@academycc

@taeraue

@cc_care

@pthendzlik

@lena_popina

@jamieallingham1

@ThePavoOcellus

@tozonline

@kirlos_trading

@joetidy

@zafergazetesi06

@ptitsboutdtruc

@StaBrothers

@Tera_VRC

@schadenfreude74

@minemnes

@squezyboy

@dayp29

@jasminpigemoji

@FulHambone

@ghanamunsemsem_

@YleniaMorros

@WISCOkyrie

@laperladeshikon

@SENTINEL_ITN

@rosebaebay

@GeraldAvery17

@tofugh0st

@sotaroooooooo

@poizunc13695222

@tincho_devita

@KayleighRo46569

@atxmj_

@SoundSmithTF2

@IGNme

@0xDanielLopez

Daniel López

3 years

Presenting "TweetFeed" Public repo that collects IOCs posted on Twitter in order to search them in your environment. Interesting for #BlueTeam members, contains: - URLs - Domains - IPs - MD5/SHA256 hashes Also includes queries for MS Defender. 🔗

Tweet media one

Tweet media two

Tweet media three

14

161

436

@0xDanielLopez

Daniel López

2 years

Just added #log4j and #Log4Shell tags to TweetFeed repo. Easier to find IOCs posted by infosec folks on Twitter with these tags. 🔗

Tweet media one

1

45

153

@0xDanielLopez

Daniel López

2 years

. @Cloudflare bloquea el mayor ataque DDoS visto mediante HTTPS (15M peticiones por segundo)

Tweet media one

Tweet media two

Tweet media three

3

43

134

@0xDanielLopez

Daniel López

5 months

Tweet media one

0

28

96

@0xDanielLopez

Daniel López

1 year

• Hay certificados accesibles y gratuitos desde 2016 ( @letsencrypt ) • Las webs falsas pueden tener logos e imágenes de calidad como cualquier otra () • El footer de cualquier web también puede falsificarse Cuenta oficial de la GC (~2M seguidores) 👍

@guardiacivil

Guardia Civil

1 year

Para detectar una web de venta falsa, mira: - El navegador no tiene certificado de seguridad. - El logo y las imágenes no son de calidad. - El pie no contiene información de la empresa, ni sellos de confianza o certificados. @osiseguridad @INCIBE + 👇

Tweet media one

7

102

251

5

24

90

@0xDanielLopez

Daniel López

1 year

🎉 is now available at OpenCTI 🎉 The connector has been added to the official repo, complete with documentation on how to use it. This has been an awesome job done entirely by @aaarghhh 🔥 ➡️

Tweet media one

Tweet media two

Tweet media three

1

30

81

@0xDanielLopez

Daniel López

3 years

🚨 MUCHO OJO 📱 Están enviando SMS maliciosos en el mismo hilo de mensajes legítimos del banco. Por eso SIEMPRE hay que comprobar el enlace al que accedemos. Ejemplo 👇🏻

Tweet media one

4

43

54

@0xDanielLopez

Daniel López

2 months

Good news! 🎉 has been added to @intel_owl 🎉 IntelOwl is an #OpenSource solution for management of Threat Intel. Another platform that integrates TweetFeed 🔥 Thanks @matte_lodi & team! ➡️

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

13

53

@0xDanielLopez

Daniel López

2 years

👉🏽 Added #Follina tag to This way you can easily search any IOC posted by the community with this tag. 🔗

Tweet media one

0

11

50

@0xDanielLopez

Daniel López

3 years

Forma simple de joder leaks en un archivo CSV: Añade una coma a tu contraseña

2

16

44

@0xDanielLopez

Daniel López

4 months

🔍 Now check indicators against WarningList by @MISPProject ¹ It's a great resource of well-known indicators in order to avoid potential false positives Hope there will be less FPs on the Feed now 👌🏼 ___ ¹

Tweet media one

Tweet media two

3

13

43

@0xDanielLopez

Daniel López

2 years

🚨 Ejemplo de inyección de código #JavaScript para realizar ataque DDoS. Al visitar la web vulnerada el usuario lanzará múltiples peticiones a distintos recursos relacionados con 🇺🇦 El código funciona perfectamente😅

Tweet media one

@malwrhunterteam

MalwareHunterTeam

@malwrhunterteam

2 years

The website of @IformaRedsocial , https://iforma[.]es/, looks got hacked as it is currently includes a script to attempt DDoS Ukrainian / Ukraine related domains/IPs... cc @0xDanielLopez

Tweet media one

9

22

63

0

19

38

@0xDanielLopez

Daniel López

2 years

Variety of scams hosted at @googledocs • Twitter • Metamask • Coinbase • TrustWallet 🔗 🔗 🔗 🔗 🔗 🔗 🔗

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

21

37

@0xDanielLopez

Daniel López

1 year

Nuevo phishings contra @Correos 🎯 ➡️ /corereos.com ➡️ /coresros.com ➡️ /coress-es.xyz ➡️ /correos-vip.com ➡️ /es-esposts11.top ➡️ /espost-hy.top ➡️ /td.corress-es.net ➡️ /www.correos.es.infoupdate.shop ➡️ /wwwcorioie.icu #phishing | #scam

Tweet media one

Tweet media two

Tweet media three

Tweet media four

3

22

36

@0xDanielLopez

Daniel López

2 years

🚨 Several verified accounts spreading scams • Elon Musk 👤 👤 👤 👤 👤 👤 • Vitalik Buterin 👤 [ 1 / 2 ]

Tweet media one

Tweet media two

Tweet media three

Tweet media four

5

28

36

@0xDanielLopez

Daniel López

1 year

📲 Reportar los SMS maliciosos directamente desde el móvil Sería interesante tener esto también en España 🇪🇸 por parte de @INCIBE

@NCSC

NCSC UK

1 year

🤳 Did you know you can forward scam SMS messages to us for free and we'll take care of them? 📲 Just forward the text to 7726.

4

83

134

0

11

35

@0xDanielLopez

Daniel López

1 year

Phishing activo contra @Correos 🔗 /servicio-distribucion-correos.com 🔗 /gestion-aduanera-correos.com Alojado en @Microsoft Dominio registrado con @Google

Tweet media one

Tweet media two

3

17

31

@0xDanielLopez

Daniel López

1 year

Recently registered domain targeting @Twitter 🎯 ➡️ /twitterhelpatwork.com Hosted at @Microsoft #phishing | #scam

Tweet media one

Tweet media two

Tweet media three

2

14

32

@0xDanielLopez

Daniel López

1 year

Bunch of fake domains that seems to have been used on this: ➡️ /riotgames-inc.com ➡️ /riotgames-sso.com ➡️ /riot-sso.com ➡️ /riot-inc.net ➡️ /riot-inc.dev ➡️ /riotgames.network ➡️ /riotgames.team Someone was looking for free LoL/Valorant skins.

Tweet media one

@riotgames

Riot Games

1 year

Earlier this week, systems in our development environment were compromised via a social engineering attack. We don’t have all the answers right now, but we wanted to communicate early and let you know there is no indication that player data or personal information was obtained.

299

613

10K

3

13

29

@0xDanielLopez

Daniel López

2 years

⚠️ Cuidado con los SMS suplantando a @Haciendagob Ejemplo de caso activo: 🔗 /projud.com.br/wp-content/infos/terileeze/terileeze/terilee/teril/Triib/tributaria/cc.php

Tweet media one

Tweet media two

Tweet media three

Tweet media four

3

24

27

@0xDanielLopez

Daniel López

1 year

↪️ Year recap on Some details of IOCs shared from [ January 1st, 2022 ] to [ December 31st, 2022 ] at #Twitter [ Thread ] ⤵️

Tweet media one

1

9

27

@0xDanielLopez

Daniel López

1 year

Llega un nuevo SMS: ✅ Buen dominio ✅ Layout perfecto ✅ Ningún error de ortografía ✅ Ningún aviso de GSB/Cloudflare o similar ✅ Entra en el mismo hilo de los mensajes legítimos Lo raro es no caer, te dediques a ciber o no. ➡️ /es.bbva-soportes-inicio.com #phishing | #scam

Tweet media one

Tweet media two

1

13

27

@0xDanielLopez

Daniel López

1 year

Low detected fake @MetaMask apps • MetaMask.apk [ 3 / 64 ] 465e7ed3279c2d4964a6e1d5b3c0c9bca94e27824fee5bc849656c37694aad57 ➡️ /metamcsk.com • app-prod-release.apk [ 2 / 64 ] 3cd3d26c3477a26d0c2ed3da24b15a7055e9ce6e026cc7f5a4964df51b99bcb4 ➡️ /metamask6.pro #malware | #scam

Tweet media one

Tweet media two

Tweet media three

Tweet media four

4

9

25

@0xDanielLopez

Daniel López

5 months

@midudev existe este repo con una larga checklist que puede venir bien:

Tweet card media

GitHub - thedaviddias/Front-End-Checklist: 🗂 The perfect Front-End Checklist for modern websites...

🗂 The perfect Front-End Checklist for modern websites and meticulous developers - thedaviddias/Front-End-Checklist

1

4

25

@0xDanielLopez

Daniel López

2 years

Several scams hosted on Google Sites & @googledocs 🔗 /sites.google.com/view/accs-office-ml 🔗 /sites.google.com/view/565f34/microsoft-office-365 🔗 /sites.google.com/view/accsoffice-usa 🔗 /sites.google.com/view/mycoinwallet 🔗 /sites.google.com/view/walletliveconnect 🔗 ...

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

16

25

@0xDanielLopez

Daniel López

4 months

Algunos phishings activos contra @Correos 🎯 ➡️ /ke-correos.top ➡️ /je-correos.top ➡️ /be-correos.top ➡️ /corresote-ems.com ➡️ /es-corres.world ➡️ /es-correse.top #phishing | #scam

Tweet media one

Tweet media two

Tweet media three

Tweet media four

7

10

24

@0xDanielLopez

Daniel López

2 years

⚠️ #Malware and #scam on Youtube impersonating @Wimbledon players [ Malware ] 📺 9ea50ec3c5e9c3c0bcc16aebfb122c6ee7b1da8b09d6351d8033db9d1b1f880d [ Scam ] 🔗 /microstrategygivesbtc.com

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

17

23

@0xDanielLopez

Daniel López

1 year

⚠️ Several wallet drainers using @github pages. GitHub users 👤 Free-airdrops 👤 free-mint 👤 freenftxyz 👤 Hasbullanfts 👤 kittyasz 👤 lol13371 👤 nft-free 👤 toshiesmint 👤 toshiesnft [ 1 / 2 ]

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

14

22

@0xDanielLopez

Daniel López

1 year

🔴 Han comprometido el canal de YouTube del streamer @IbaiLlanos 🇪🇸 (10.5M suscriptores) para difundir estafas relacionadas con criptomonedas. ➡️ /elontesla.org

Tweet media one

Tweet media two

Tweet media three

1

12

21

@0xDanielLopez

Daniel López

1 year

Nuevos phishings contra la Agencia Tributaria ( @informaticaaeat ) 🎯 ➡️ /agenibutarcia.vercel.app (*) ➡️ /httpss.builderallwppro.com/W/tributaria/cc.php #phishing | #scam ______ (*) Kit disponible, exfil mediante Telegram.

Tweet media one

Tweet media two

Tweet media three

Tweet media four

3

15

20

@0xDanielLopez

Daniel López

2 years

Another day, another scam hosted at

Tweet media one

@reecdeep

reecDeep

2 years

#Remcos #Malware targeting huge amount of european mailboxes right now, using DHL template as a lure. Attachment is r20 archive file! Sub: Your latest DHL invoice MD5: FE7E530636C29B5ABCC08FA7D708CBAF 🔥c2: blackwealth001[.duckdns.[org:59085 #infosec #security #cybersecurity

Tweet media one

1

19

36

1

7

20

@0xDanielLopez

Daniel López

2 years

Several verified accounts spreading cryptoscams: - - - - 🔗 /nicecrypto.net 🔗 /livemoon.io 🔗 /winktrust.com/gemini-giveaway/ cc @tucows @CloudflareAbuse

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

7

17

@0xDanielLopez

Daniel López

1 year

Scam being promoted via Twitter ads 👤 (600K followers) 🔗 /apecoin.is/claim Targeting @apecoin

Tweet media one

Tweet media two

2

12

21

@0xDanielLopez

Daniel López

2 years

⚠️ Scam from a verified account [ US democratic candidate ] impersonating @LooksRare 👤 🔗 /claim-looksrare.net cc @Namecheap

Tweet media one

Tweet media two

Tweet media three

Tweet media four

7

9

20

@0xDanielLopez

Daniel López

11 months

🔴 Comprometen el canal de YouTube del streamer @DjMaRiiO 🇪🇸 (9M suscriptores) para difundir estafas relacionadas con criptomonedas. ➡️ /teslajoin.io

Tweet media one

Tweet media two

Tweet media three

0

10

21

@0xDanielLopez

Daniel López

1 year

At a glance, URLs @malwrhunterteam shared this week.

Tweet media one

@malwrhunterteam

MalwareHunterTeam

@malwrhunterteam

1 year

Okay, today I will not spent a single second searching for examples. If after the past weeks' countless examples not only from me but @1ZRR4H @wdormann & others were not enough for someone to realise Google is a fucking criminal gang, some more examples wouldn't do it anyway...

2

0

11

1

7

19

@0xDanielLopez

Daniel López

4 months

🚨 Bunch of fake @MetaMask apps: • MetaMask.apk ef13b5b1322fabdfe7d9b912f7c928bd628e062265db6307d9253279bc42cc81 ➡️ /metamassk.cc • MetaMask3.apk 8f425ea306da925eb8dd76f6ef41ed5da7db268f73e5513b496c172e76da204b ➡️ /matemank.io • metamask_pro.apk

Tweet media one

Tweet media two

Tweet media three

Tweet media four

0

10

20

@0xDanielLopez

Daniel López

2 years

Prueba de concepto de #BITB by @mrd0x 🔗 (+ info: )

Tweet media one

@cibernicola_es

Marc Almeidaˎˊ˗

@cibernicola_es

2 years

3

3

12

0

5

19

@0xDanielLopez

Daniel López

1 year

Several active scams targeting @TwitterBlue 🎯 ➡️ /twitterhelpus.com ➡️ /twitterhelpblue.com ➡️ /twitterbluehelp.com ➡️ /twitterhelp-blue.com ➡️ /twitterhelpsblue.com 👉 20.245.103.30 [ @microsoft ] #phishing | #scam

Tweet media one

Tweet media two

1

12

19

@0xDanielLopez

Daniel López

1 year

Phishings activos contra @Correos 🎯 ➡️ /correost-es.xyz ➡️ /es-correts18.top Registrar: @namesilo Exfil mediante Telegram, config en: /ResourceConfig/urlConfig.json #phishing | #scam

Tweet media one

Tweet media two

Tweet media three

4

11

18

@0xDanielLopez

Daniel López

3 years

And another fresh sample of #NotFlubot #Toddler #Anatsa #Teabot ... 421c8b3b4e7123c8f0608dc638de983d9fd3251549af3a74f7742abd6913106a cc @malwrhunterteam @JosepAlbors @alberto__segura

Tweet media one

Tweet media two

Tweet media three

Tweet media four

@alberto__segura

Alberto Segura (https://infosec.exchange/@asegura)

@alberto__segura

3 years

Just received this SMS whose link downloads the following sample of #NotFlubot #Toddler #Anatsa #Teabot C2: hxxp://185.215.113[.]31:84/api/

Tweet media one

0

1

8

0

10

18

@0xDanielLopez

Daniel López

3 years

@redcanary @likethecoins Maybe something like TweetFeed can help on the third point here: 🔗 Nice blog

Tweet media one

1

1

17

@0xDanielLopez

Daniel López

2 years

Cerca de 8 meses después, en el repo de hay: 🔗 𝐔𝐑𝐋𝐬: 77k 🌐 𝐃𝐨𝐦𝐢𝐧𝐢𝐨𝐬: 16k 🚩 𝐈𝐏𝐬: 46k 🔢 𝐒𝐇𝐀𝟐𝟓𝟔: 34k 🔢 𝐌𝐃𝟓: 2k Larga vida al SOCMINT

Tweet media one

1

6

17

@0xDanielLopez

Daniel López

6 months

They modified Twitter/X API to prevent bots, but nothing changed. Seems like only legit developers were affected. 🤷🏻‍♂️

Tweet media one

1

5

17

@0xDanielLopez

Daniel López

2 years

Varios #phishing activos contra @Correos 🔗 /apnara.com/Correos/Correos/ 🔗 /correos-es.dk-bau-office.de/correos/Seleccione_medio_de_pago.php 🔗 /offcina-postecorroes.com/servicio/correos/Seleccione_medio_de_pago.php

Tweet media one

2

10

17

@0xDanielLopez

Daniel López

3 years

Sevilla ♥️

Tweet media one

0

1

17

@0xDanielLopez

Daniel López

1 year

Bots still using @googledocs to host cryptoscams: • Metamask • Coinbase • Trust Wallet • ... ➡️ #phishing | #scam

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

13

16

@0xDanielLopez

Daniel López

3 years

Squid's game infosec version: One of these 2 domains is Microsoft's legit site, the other one can be used for bad purposes. Which one would you choose? A. B.

Tweet media one

4

13

16

@0xDanielLopez

Daniel López

1 year

Some wallet drainers using @github pages: 👤MINT-NFTS → Ordinal-Punks → Planet-COCO → Escape-By-Skid → Cool-Cats → BLUR-AIRDROP-3 🔗 /github.com/MINT-NFTS 🔗 /mint-nfts.github.io #scam | #NFT

Tweet media one

Tweet media two

Tweet media three

@phishunt_io

phishunt.io

1 year

#SCAM 👤 🔗 /linktr.ee/blurtoken 🔗 /mint-nfts.github.io/BLUR-AIRDROP-3/

Tweet media one

0

0

2

6

9

16

@0xDanielLopez

Daniel López

2 years

Verified account spreading scams (impersonating @OthersideMeta ): 👤 🔗 /othersïde.xyz 🔗 /xn--othersde-z2a.xyz

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

12

16

@0xDanielLopez

Daniel López

1 year

@Twitter New active scams targeting Twitter: ➡️ /twitterusp.com ➡️ /twitteropc.com ➡️ /twitterups.com 📍 113.30.190.149 ( @KamateraCloud ) Also: ➡️ /twitter-suport.com #phishing | #scam

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

9

15

@0xDanielLopez

Daniel López

3 years

#scam #phishing Couple of scams impersonating @TrustWallet support team. - Through fake support email via @gmail - Requesting wallet's seed via @googledocs /docs.google.com/forms/d/e/1FAIpQLSeLjRlxAhjprlR09ePelgtwyLSjO19SE4eIU-lLTTGhXHbXPQ/viewform

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

6

14

@0xDanielLopez

Daniel López

1 year

Kudos to all the folks sharing IOCs, TTPs, blogs and all kind of infosec stuff here in Twitter: 👤 @CuratedIntel 👤 @malwrhunterteam 👤 @1ZRR4H 👤 @BushidoToken 👤 @dubstard 👤 @Iamdeadlyz 👤 @idclickthat And many, many more. Wishing a happy new year to all of you! 🥂

5

2

16

@0xDanielLopez

Daniel López

3 years

🚨 New company being used as lure in SMS campaigns: @UPS Sample: 451a696c54ba75865e3fa795975d619659c7f26d2e8ab40049326df78809c2fc Some sources: 🌐 /tsbl.in/dhl/ 🌐 /nucleisense.com/dhl/ 🌐 /envolve.adv.br/dhl/ cc @malwrhunterteam @JosepAlbors @alberto__segura

Tweet media one

Tweet media two

Tweet media three

1

3

15

@0xDanielLopez

Daniel López

2 years

Fake @MetaMask support via DM. From: "Don't trust someone who is sending you a direct message" 😅

Tweet media one

5

6

13

@0xDanielLopez

Daniel López

5 months

OJO! Si usas el operador @orange y no te funciona internet esto tiene algo que ver 😅 Gracias @malwrhunterteam por el aviso!

@malwrhunterteam

MalwareHunterTeam

@malwrhunterteam

5 months

🤔 @0xDanielLopez

Tweet media one

Tweet media two

Tweet media three

3

16

49

2

9

15

@0xDanielLopez

Daniel López

1 year

Phishings activos contra @Correos 🎯 ➡️ /correosespaña.com ➡️ /pagar-recibo.info #phishing | #scam

Tweet media one

Tweet media two

0

11

15

@0xDanielLopez

Daniel López

3 years

Quizás habría que darle una vuelta al acortador de URLs del Ministerio de Hacienda.

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

4

16

@0xDanielLopez

Daniel López

5 months

Using MISP? Integrating TweetFeed into @MISPProject using Python 🔥 by @lontze7

Tweet card media

Integrating TweetFeed into MISP using Python

Integrating a variety of feeds into your Threat Intelligence Platform (TIP) is a continuous process for providing your security tools…

0

3

15

@0xDanielLopez

Daniel López

1 year

@nas_bench actually or are widely used to host fraud cases.. 🔗 🔗 🔗

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

3

15

@0xDanielLopez

Daniel López

2 years

@campuscodi lol

Tweet media one

1

4

15

@0xDanielLopez

Daniel López

2 years

Still verified accounts compromised and spreading #scam This time impersonating @ARKInvest & @elonmusk 👤 👤 🔗 /musk-charity.com 🔗 /arkconference.com

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

11

15

@0xDanielLopez

Daniel López

2 years

Analysis of several open CTI Feeds by @silentpush Happy to see and myself between all these vendors! 🔗

Tweet media one

Tweet media two

Tweet media three

0

6

14

@0xDanielLopez

Daniel López

2 years

🖼️ Some tricks to check the final URL before clicking on link shorteners

Tweet media one

0

9

15

@0xDanielLopez

Daniel López

2 years

@malwrhunterteam @dubstard @CloudflareAbuse @1ZRR4H @JCyberSec_ Interesting example of the scams related to the verified accounts. Two steps: 1. Fake Twitter login page: 🔗 /fudbot.hu/login1/i/flow/login.php 2. Fake giveaway: 🔗 /fudbot.hu/BTC/ Same domain for both steps. Seen from:

Tweet media one

Tweet media two

Tweet media three

1

10

12

@0xDanielLopez

Daniel López

2 years

REMINDER - Top bad domains that should be blocked: by @1ZRR4H

@1ZRR4H

Germán Fernández

2 years

TOP 15 dominios utilizados por #Malware : ddns[.]net hopto[.]org duckdns[.]org zapto[.]org myftp[.]biz linkpc[.]net no-ip[.]biz no-ip[.]org ngrok[.]io sytes[.]net portmap[.]io publicvm[.]com portmap[.]host myddns[.]me myftp[.]org Bloquea a nivel corporativo 🛡️

Tweet media one

11

132

400

0

4

14

@0xDanielLopez

Daniel López

3 years

Llega el verano (y las vacaciones) Puede que empiecen a aparecer estafas suplantando agencias de viajes 👇🏻

@malwrhunterteam

MalwareHunterTeam

@malwrhunterteam

3 years

Not that much detected "Barcelo Contrataciones.apk": fd743214d1d6c725f51116873b230d0828c787a40caf258c888ad9baa1019338 https://contratacionesbarcelo[.]com/descargas/ -> https://contratacionesbarcelo[.]com/descargas/Barcelo%20Contrataciones.apk 🤔 @JosepAlbors @danlopgom

Tweet media one

Tweet media two

Tweet media three

2

3

12

0

4

14

@0xDanielLopez

Daniel López

1 year

Un placer compartir mi punto de vista sobre las campañas de estafas (Agencia Tributaria y otras) hoy en Telenotícies de @tv3cat ➡️ (~32:15)

Tweet media one

1

2

14

@0xDanielLopez

Daniel López

2 years

⚠️ Verified account impersonating @OthersideMeta 👤 🔗 /otherside-portal.com cc @Namecheap

Tweet media one

Tweet media two

Tweet media three

1

6

13

@0xDanielLopez

Daniel López

3 years

#FluBot | Couple of fresh samples from today: 97db08af5ff9572295933f8371d2171cfb7f34be515edb2fb74242a4450da9e2 5aa2111b18cc250874b5ba2243bdce2b08ab091b3205f09dca487f90268cb7a7 cc @malwrhunterteam @JosepAlbors @alberto__segura

Tweet media one

Tweet media two

Tweet media three

Tweet media four

4

8

14

@0xDanielLopez

Daniel López

2 years

🚨 Cuenta oficial de Canon en México vulnerada y utilizada para estafas de @BoredApeYC - 🎯 @BoredApeYC | @apecoin 🔗 /ape-coin.online

Tweet media one

Tweet media two

Tweet media three

2

10

12

@0xDanielLopez

Daniel López

1 year

El Grupo de Delitos Telemáticos tendrá mejores cosas que hacer que publicar tuits, pero los consejos del CM en la cuenta oficial quizás deberían revisarse.

1

0

14

@0xDanielLopez

Daniel López

2 years

Scams: 🔗 /elonforukraine.com 🔗 /elonwithukraine.com 🔗 /musk-event.info 🔗 /musk-distribution.com 🔗 /merge-info.com [ 2 / 2 ] #scam #phishing

Tweet media one

Tweet media two

Tweet media three

1

7

14

@0xDanielLopez

Daniel López

1 year

Recientes smishings donde la URL final incluye: • Nombre • Apellidos • Email • Teléfono • Dirección física de la persona que recibe el SMS. ➡️ /aselun.com ➡️ /message.pluscactus.com #phishing | #scam

Tweet media one

Tweet media two

Tweet media three

Tweet media four

0

11

14

@0xDanielLopez

Daniel López

2 years

⚠️ 𝐕𝐞𝐫𝐢𝐟𝐢𝐞𝐝 account impersonating @elonmusk -

Tweet media one

3

8

13

@0xDanielLopez

Daniel López

2 years

• COVID-19 • Office365 • AT&T • Crypto • Whatever you want 👍🏽 Find a bunch of scams on Google Forms below: 🔗

Tweet media one

Tweet media two

Tweet media three

Tweet media four

@BleepinComputer

BleepingComputer

@BleepinComputer

2 years

Google Forms abused in new COVID-19 phishing wave in the U.S. - @billtoulas

0

18

34

1

11

13

@0xDanielLopez

Daniel López

5 months

🚨 SMS malicioso recién recibido → Cuidado en fechas/días como el de hoy. IOCs: ➡️ /u.to/yok4IA ➡️ /srv206193.hoster-test.ru/cliente/servisco/auth/index.php #phishing #scam #correos

Tweet media one

Tweet media two

3

7

13

@0xDanielLopez

Daniel López

2 years

Another verified account impersonating @OthersideMeta and spreading scam: 👤 🔗 /otherside2.xyz cc @Namecheap

Tweet media one

Tweet media two

Tweet media three

4

7

12

@0xDanielLopez

Daniel López

2 years

@googledocs @malwrhunterteam @dubstard @1ZRR4H more and more cryptoscams being spread using @googledocs : 🔗 🔗 🔗 🔗 🔗 🔗 🔗 🔗 ...

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

14

13

@0xDanielLopez

Daniel López

2 years

@malwrhunterteam @dubstard Several verified accounts are being used to spread scams: - - - - - 🔗 /winktrust.com/gemini-giveaway 🔗 /livemoon.io cc @CloudflareAbuse

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

10

11

@0xDanielLopez

Daniel López

2 years

⚠️ Verified account spreading an @elonmusk theme #scam 👤 🔗 /linktr.ee/emgiving 🔗 /space-bonus.com Spambots (verified or not) are still alive on Twitter😐

Tweet media one

Tweet media two

Tweet media three

2

10

12

@0xDanielLopez

Daniel López

2 years

Verified accounts impersonating @elonmusk keep popping up 👤 👤 🔗 /tinyurl.com/2p868utc 🔗 /tinyurl.com/y6aekpu9 🔗 /tinyurl.com/2s4x23vy 🔗 /fabsinc.com/new/index.html

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

11

11

@0xDanielLopez

Daniel López

1 year

Interesting "Hacking Solutions" website promoted by bots. ▶️ Cryptocurrency Hack ▶️ Account Unlock ▶️ Email Hack ▶️ Social Media Hack ▶️ Phone Unlock ▶️ Game Activation 🔗 /accesscoder.com #scam | #spambots

Tweet media one

Tweet media two

Tweet media three

0

8

12

@0xDanielLopez

Daniel López

1 year

Varios phishings activos contra @Correos ➡️ /link-correos-es.com ➡️ /correos.es-paqueteria.es ➡️ /correos.es-localizador.com ➡️ /correos-lift.buzz ➡️ /correos-info.top ➡️ /correos-io.top #phishing | #scam

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

10

12

@0xDanielLopez

Daniel López

2 years

🤖 Many bots are popping up lately requesting donations... - - - - - - - - ... cc @malwrhunterteam @dubstard

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

11

12

@0xDanielLopez

Daniel López

2 years

Hope they wrote the entire code as bad as they write Spanish lol

@malwrhunterteam

MalwareHunterTeam

@malwrhunterteam

2 years

Some Spanish ransomware thing sample: 78bd79e04587e7cb4e0822ef430badd710aa1f10e5e227a6226ca17cca8a8c27 "Hackeado Puta" 😂 @demonslay335 @JosepAlbors @0xDanielLopez

Tweet media one

Tweet media two

1

13

31

0

7

12

@0xDanielLopez

Daniel López

1 year

Azure domains or Github, doesn't matter: ➡️ /myggovids.github.io Also: ➡️ /github.com/myjobsforgov ➡️ /github.com/izikoma/mygov.ato

Tweet media one

Tweet media two

Tweet media three

Tweet media four

@malwrhunterteam

MalwareHunterTeam

@malwrhunterteam

1 year

https://taxverification.z13.web.core\.windows.net/ The Australian Government sure likes that Microsoft is hosting such phishing sites, right? 😂 🤷‍♂️ @nullcookies

Tweet media one

2

2

12

0

7

12

@0xDanielLopez

Daniel López

3 years

@malwrhunterteam and another one from today: 006084004aea1cf26a5227fc2ce07997cf86796ffe820dcbe5e592263c895fc4 Some fresh sources: 🌐 /chonjunmo.com/track/ 🌐 /tianyun.info/trck/ 🌐 /luyihe.com.cn/trck/ 🌐 /luohu101.com/track/ 🌐 /dr-saadoun-dentiste.fr/track/

Tweet media one

Tweet media two

0

4

11

@0xDanielLopez

Daniel López

2 years

Verified account used to spread scams: - 🔗 /liveboost.net cc @CloudflareAbuse

Tweet media one

Tweet media two

Tweet media three

3

6

11

@0xDanielLopez

Daniel López

1 year

@MetaMask @sniko_ @malwrhunterteam @JosepAlbors @LukasStefanko • metamask.apk [ 1 / 63 ] a8a5a8f5cd100dec2403a0e8ca5b482cc4ad93457f61524f76bf59666aeb9d72 ➡️ /metamask6.cc #malware | #scam

Tweet media one

Tweet media two

Tweet media three

15

3

9

@0xDanielLopez

Daniel López

11 months

#TweetFeed update I've been trying to fix it with the API sub (Yes I paid 100 USD to Elon). Seems impossible to maintain even paying due to the 10K monthly cap. Screenshot below is the result of just a couple of days. TweetFeed is in halt for now...

Tweet media one

Tweet media two

@0xDanielLopez

Daniel López

11 months

Issues running #TweetFeed because of the restrictions and new API levels...

Tweet media one

1

0

6

2

1

12

@0xDanielLopez

Daniel López

1 year

Phishing activo contra la Universidad Complutense de Madrid ( @unicomplutense ) a través de @weebly 👇🏼

@malwrhunterteam

MalwareHunterTeam

@malwrhunterteam

1 year

https://serviceucm25.weebly[.]com/ @0xDanielLopez

Tweet media one

0

1

8

1

6

10

@0xDanielLopez

Daniel López

1 year

Phishings activos contra la Agencia Tributaria ( @informaticaaeat ) 🎯 ➡️ /agenciatnrbutaries.netlify.app ➡️ /agenciatributaria.top Engaña con posible reembolso de 263€ #phishing | #scam

Tweet media one

Tweet media two

1

8

11

@0xDanielLopez

Daniel López

2 years

⚠️ Some verified accounts impersonating @elonmusk 👤 🔗 /jointsl.com 👤 🔗 /2xstarlink.info

Tweet media one

Tweet media two

Tweet media three

Tweet media four

1

13

10

@0xDanielLopez

Daniel López

2 years

🚨 Several verified accounts spreading scams: - (3k followers) - (130k) - (3k) - (12k) cc: @malwrhunterteam

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

8

10

@0xDanielLopez

Daniel López

2 years

Huge number of fake accounts targeting @LooksRareNFT Searches: → → 🔗 /looksarer.org 🔗 /loooksarre.org 🔗 /lookserra.org 🔗 /looksrares.io 🔗 /lookisraer.org 🔗 ... cc @Namecheap

Tweet media one

Tweet media two

Tweet media three

Tweet media four

2

6

10

@0xDanielLopez

Daniel López

1 year

@Twitter @Microsoft @malwrhunterteam @1ZRR4H More: ➡️ /twitterhelp-back.com (*) ➡️ /twitterhelps-work.com (*) ➡️ /adih.ci/new/login.php (*) Hosted at @Microsoft #phishing | #scam

Tweet media one

Tweet media two

0

9

11

@0xDanielLopez

Daniel López

2 years

@Wimbledon @malwrhunterteam @1ZRR4H @JosepAlbors @dubstard @Iamdeadlyz And again #malware being spread on Youtube impersonating @Wimbledon players 📺 e7ecd9b9079792d9af71bab6411a4527ee7dda47772bc056b98a5e83fe1e7561

Tweet media one

Tweet media two

1

7

10