DeXpose Blog
Researches, News, and more
Categories
Top Articles
On June 16, 2025, a suspicious domain impersonating AnyDesk — anydeske[.]icu — was reported on Twitter. The site served what appeared to be a legitimate remote access tool but actually delivered a malicious .NET loader.
Summary Recently identified previously undetected Kimsuky (also known as Black Banshee) infrastructure through advanced pivoting techniques. Using HTTP header analysis, SSL Cert and JARM fingerprinting. We uncovered several IPs and domains, many of them were
A recently observed phishing campaign impersonating Egypt Post (البريد المصري) has been attributed to the Smishing Triad, a well-documented cybercriminal group for their phishing (smishing) campaigns across multiple countries. The campaign impersonates Egypt Post, aiming
Introduction FleshStealer is a sophisticated, modular, and obfuscated .NET-based information-stealing malware designed for comprehensive data exfiltration from Windows systems. Its architecture is built for scale and stealth, utilizing multithreading to simultaneously run multiple data harvesting
Introduction Salat Stealer is a stealthy malware developed in the Go programming language, designed to infiltrate systems and extract sensitive data. Once it infects a device, it gathers extensive system information, such as hard drive
Introduction PureLogs is an advanced information stealer designed to extract credentials, session tokens, and system details while employing strong anti-analysis techniques. It encrypts stolen data using AES-256 before sending it to a remote Command &
Email breaches pose significant risks to personal security when unauthorized users access email accounts or sensitive data. Often, leaked credentials can end up being sold on the dark web, leading to consequences like identity theft
Introduction On February 11, 2025, Filescan.io shared a troubling discovery: a 6-month-old .NET PE injector had remained undetected on Archive.org, a platform widely used for archiving web content. The file was flagged as clean, allowing
