BumbleBee has recently switched their DGA 👀. The threat actor not only changed the seed but also moved from the .life TLD to .click ☝️ They also apparently used #DeepSeek as a lure 🎣
🔑 RC4 key: NEW_BLACK
🌱 Seed: 335f5f96de576fb5
Active botnet C2s to block ⛔️:
45.155.249.85 servinga 🇳🇱
176.118.193.128 KernelHost 🇩🇪
103.214.68.123 ExtraVM 🇳🇱
Malware sample:
📄 https://bazaar.abuse.ch/sample/31b72e1c246b4f38e70f9c8c556a626b15736589860f3231001bb4ebae749239/
C2 domains:
📡