Replied in thread
@sudelsurium
Ich bin kein Zeichner, aber auch mich kotzt es offen gestanden tierisch an, das hier im Fediverse das sinnvolle Hashtag StarterPack gekappert wurde, um die Timeline mit diesem geistlosen Mist voll zu #spam en!
Recent searches
Search options
#spam
74 posts55 participants2 posts today
This individual has shown a pattern of dishonesty and should be considered a grifter unless proven otherwise. Moreover, this spam has no place in a vegan group. The focus here should be on veganism, and introducing unrelated personal issues only distracts from the purpose of this space. Clearly, this person has no regard for that. Please refrain from donating to help discourage this behavior.
#scam #spam
zotum.netZotum
Replied in thread
@Uair @TwoClownsEating I will take this as my cue for unsolicited Monty Python GIFS
#spam
GIF
A new level of ineptitude in AI-translated #spam
"[SPAM] 
Gerade Anruf unbekannte Handynummer: (gekürzt)
C: Hallo hier die Firma Solarz.
H: Ja, was wollen sie?
C: Haben sie sich schon einmal Gedanken über eine Solaranlage gemacht?
H: Nein, wieso, wir haben hier Öl!
C: Ja, aber ich meine doch wegen Strom, das wird immer teurer!
H: Nein, ich habe über Verivox einen billigen Anbieter von konventionellem Strom! Nicht so Biozeug!
C. Ok, da sind sie wohl kein potentieller Kunde.
Meine Partnerin lag dabei schon fast platzend unter dem Tisch.
#PV #Spam
AkiraBot, an AI-powered platform, spams website chats and forms to promote dubious SEO services. It has targeted over 400,000 websites since September 2024, using #OpenAI to generate custom messages that bypass #spam filters
https://thehackernews.com/2025/04/akirabot-targets-420000-sites-with.html
Aus gegebenem Anlass: 
Aus #Klaviersdelikte von #BodoWartke.
YouTube: https://www.youtube.com/watch?v=btsh1qNOIEA
Invidious: https://inv.nadeko.net/watch?v=btsh1qNOIEA
Finally got Nicole'd as well. Was already feeling very inadequate 
(I do wonder why they are not even bothering to change the name on their spam persona. By now, everyone and their uncle knows about this, no?)
A spam framework targets website chats/forms using CAPTCHA bypass and network evasion.
AkiraBot Spammed Websites by using Evasion Techniques
Akirabot is a sophisticated Python framework has successfully targeted websites
using advanced techniques to bypass security measures and deliver AI-generated
spam.
Pulse ID: 67f87aa1dffcefb96c594f87
Pulse Link: https://otx.alienvault.com/pulse/67f87aa1dffcefb96c594f87
Pulse Author: cryptocti
Created: 2025-04-11 02:12:49
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.
Continued thread
However, because this attack has been going on for two weeks, some endpoint protection tools (well, about a third of them) are catching on that this particular file is bad, and should feel bad.
https://www.virustotal.com/gui/file/13d71b884a0625f3aa3805fb779d95513d0485671ab8c090a0c790ceda071e63
The most important lesson here is that attackers always come up with new ways to evade detection. Using a commercially available, normally legitimate remote access tool with a valid cryptographic signature lets the attacker bypass some kinds of endpoint detection.
Remember to check the From: address in emails, and the destination of any links they point to. You can do this by hovering your mouse over the link without clicking, and waiting a second. If it says it's from the SSA, but it isn't pointing to SSA.gov, then it's a lie.
If you find content like this useful, please follow me here, or on LinkedIn: https://www.linkedin.com/in/andrew-brandt-9603682/
9/fin
Continued thread
When clicked, the button delivers malware, but it's an unexpected payload: A client installer for the commercial remote-access tool ConnectWise.
Every time I clicked the download link, it gave me the same file with six different random digits appended to the filename. Note that it is not, as the website implies, a PDF document, but a Windows executable file, with a .exe extension.
8/
Continued thread
This is where I tell you: don't do this! I am a trained professional. I click all the bad links so you don't have to. I am going to show you what happens next.
A button appears on this page, labeled "Access Your Statement." The site serving up this payload delivers a file named "Social Security Statement Documents [six digit random number].exe"
7/
![The site delivers a file named "Social Security Statement Documents [six random numbers].exe" and the numbers change every time you download the file.](https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/315/295/467/802/679/original/94c3ecee76c17cc1.png "The site delivers a file named \"Social Security Statement Documents [six random numbers].exe\" and the numbers change every time you download the file.")
Continued thread
Finally the target lands on a page on the InMotion site that closely resembles the look-and-feel of the content in the email message.
The page tells the visitor, in part "Download your statement as a PDF file" and "For security reasons, we recommend accessing your statement through your secure device."
Spoiler alert: It was not a PDF file.
(Edit: A reader informs me that this appears to be the hosting space used by the temp agency website, and that for whatever reason, the URL appears differently here.)
6/
Continued thread
The target's browser then lands on another website, hosted by a large hosting service, InMotion Hosting. As with the temp agency website, the attackers have set up multiple URLs on this site, where the first URL performs a 302 redirect to go to the second URL, for no apparent reason other than to create the URL equivalent of a Rube Goldberg contraption.
5/
