@jedisct1 New #cerber ransomware hits UDP 6891 on every IP from 87.98.128.0 to 87.98.159.255 https://www.hybrid-analysis.com/sample/2d08ffeba708fb833404d2c320ea4f29365c791d504181e08e3e9b529f5cf096?environmentId=1 …
@DanielGallagher Know what the purpose is? Looking for Bittorrent nodes? It doesn’t seem to send anything then except to woodgroovebank\.com
-
-
@jedisct1 I was thinking its looking for nodes except it doesn't seem to find any. Possibly searching for C2 on a VPS? -
@DanielGallagher I tried to blackhole 87.98.0.0/16, but it didn’t prevent the locker from doing its job. *attention* *attention* ... - 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.