@infosec_jcp 🐈🃏 done differently<p>One of the key attributes of <a href="https://infosec.exchange/tags/StateSponsoredMalware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StateSponsoredMalware</span></a>™ from <a href="https://infosec.exchange/tags/GammaGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GammaGroup</span></a>'s <a href="https://infosec.exchange/tags/FinFisher" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FinFisher</span></a> <a href="https://infosec.exchange/tags/FinSpy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FinSpy</span></a> <a href="https://infosec.exchange/tags/Finsky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Finsky</span></a> is understanding that it is a shim-based mishmash of resident files that point to different parts of the other background services running.</p><p>Some are replaced stock system files, modified to look like and named the same as the original, but supplemented with additional APIs that call the multiple shims whose main goal is getting complete persistence on your systems, if it has not done so already.</p><p>🚩🚩🚩🚩 One first sign is the battery drain this software causes. It has a weird side effect of NOT logging this battery usage the way normal applications and the system do. 🚩🚩🚩🚩</p><p>⚠️🚨⚠️🚨⚠️🚨⚠️ 🚨⚠️🚨⚠️🚨<br> This BATTERY DRAIN is a HUGE <br> first indicator of compromise.<br> ⚠️🚨⚠️🚨⚠️🚨⚠️🚨⚠️🚨⚠️🚨</p><p>Second is checking the list of BACKGROUND programs running.
There are SEVERAL background programs that indicate you have been compromised by GammaGroup's software, especially on <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Android</span></a>, <a href="https://infosec.exchange/tags/IOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IOS</span></a>, <a href="https://infosec.exchange/tags/MacOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MacOS</span></a>, <a href="https://infosec.exchange/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Windows</span></a>, & <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a>.</p><p>There are also attaccc features which spread, from a library of PNGs with URL arrays embedded, to their <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> services that launch attacccs based on certain PSTN calls, web browsing, & also MMS & SMS interactions.</p><p>For example, receiving an SMS or MMS can activate things on your computer or wireless device to do things like start a running process shim, such as starting or restarting specific services.</p><p>There is also a <a href="https://infosec.exchange/tags/MITM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MITM</span></a> <a href="https://infosec.exchange/tags/ForcedMDM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ForcedMDM</span></a> & <a href="https://infosec.exchange/tags/proxying" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proxying</span></a> ability to use your endpoint as an attaccc node completely behind the scenes, without your intervention or knowledge unless
you are logging your traffic, which could also be bypassed, as has been seen previously. That is on purpose.</p><p>Continued..... <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/GreyMarket" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GreyMarket</span></a> <a href="https://infosec.exchange/tags/CALEA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CALEA</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/investigations" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>investigations</span></a> <a href="https://infosec.exchange/tags/RTDNA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RTDNA</span></a> ☣️🔍🧐</p>
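<p>The post above says to check the list of background programs and warns about stock system files that have been replaced by look-alikes with the same name. The script below is an added example, written for this page and not code from the post's author or from any FinFisher analysis; it shows the two generic checks a practitioner would actually run for that advice: diff a current process snapshot against a clean baseline (flagging new processes and command names that now run from more than one executable path), and verify on-disk binaries against a known-good SHA-256 manifest. The process listings, file paths, file contents and manifest hashes are all constructed in the script for illustration; none of them are real FinSpy indicators.</p>

```python
"""Baseline-vs-current process check plus binary integrity check.

Added example: the snapshots, paths, file contents and hashes below are
constructed for illustration and are NOT indicators of any real malware.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Proc:
    pid: int
    ppid: int
    comm: str   # command name as shown by ps
    exe: str    # first token of the argument vector (the executable path)


def parse_ps(text):
    """Parse `ps -eo pid,ppid,comm,args` style output (header line skipped)."""
    procs = []
    for line in text.strip().splitlines()[1:]:
        pid, ppid, comm, args = line.split(None, 3)
        procs.append(Proc(int(pid), int(ppid), comm, args.split()[0]))
    return procs


def new_processes(baseline, current):
    """Processes whose (name, executable path) pair never appeared in the baseline."""
    known = {(p.comm, p.exe) for p in baseline}
    return [p for p in current if (p.comm, p.exe) not in known]


def name_collisions(procs):
    """Command names that are running from more than one executable path.

    A stock name launched from an unexpected directory is the kind of
    look-alike the post describes; this check does not say which copy is bad."""
    by_name = {}
    for p in procs:
        by_name.setdefault(p.comm, set()).add(p.exe)
    return {name: paths for name, paths in by_name.items() if len(paths) > 1}


def verify_manifest(files, manifest):
    """Return manifest paths whose content is missing or does not hash to the expected digest.

    files:    {path: bytes} (in a real run, read from disk)
    manifest: {path: expected sha256 hex} from a trusted, offline source."""
    bad = []
    for path, expected in manifest.items():
        data = files.get(path)
        if data is None or hashlib.sha256(data).hexdigest() != expected:
            bad.append(path)
    return bad


# Constructed sample data (not real output from any system).
BASELINE_PS = """PID PPID COMM ARGS
1 0 systemd /sbin/init
512 1 sshd /usr/sbin/sshd -D
640 1 dbus-daemon /usr/bin/dbus-daemon --system
"""

CURRENT_PS = """PID PPID COMM ARGS
1 0 systemd /sbin/init
512 1 sshd /usr/sbin/sshd -D
640 1 dbus-daemon /usr/bin/dbus-daemon --system
2210 1 dbus-daemon /var/tmp/.cache/dbus-daemon --system
2250 2210 sshd /var/tmp/.cache/sshd -q
"""

# Hypothetical on-disk contents and a hypothetical known-good manifest.
FILES = {
    "/usr/sbin/sshd": b"stock sshd bytes",
    "/usr/bin/dbus-daemon": b"trojaned dbus-daemon bytes",
}
KNOWN_GOOD = {
    "/usr/sbin/sshd": hashlib.sha256(b"stock sshd bytes").hexdigest(),
    "/usr/bin/dbus-daemon": hashlib.sha256(b"stock dbus-daemon bytes").hexdigest(),
}


def run_checks():
    """Run all three checks on the constructed data and return the findings."""
    baseline, current = parse_ps(BASELINE_PS), parse_ps(CURRENT_PS)
    return {
        "new": [(p.pid, p.comm, p.exe) for p in new_processes(baseline, current)],
        "collisions": name_collisions(current),
        "modified": verify_manifest(FILES, KNOWN_GOOD),
    }


if __name__ == "__main__":
    for key, value in run_checks().items():
        print(f"{key}: {value}")
```

<p>On a live host the baseline snapshot must come from a known-clean state and the manifest from a trusted offline source (distribution package metadata, a golden image), because a kit that replaces system binaries can equally well replace whatever local tool you use to list processes or hash files; run the checks from separate, trusted media where possible.</p>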