sample Archives - DeXpose blog

DeXpose Blog

Researches, News, and more

AnyDesk Clone Drops .NET Loader with AES Encrypted Payload and AV Evasion Delivering Phemedrone Stealer

June 23, 2025

Egypt Post Impersonation Linked to Smishing Triad

May 30, 2025

June 23, 2025

AnyDesk Clone Drops .NET Loader with AES Encrypted Payload and AV Evasion Delivering Phemedrone Stealer

On June 16, 2025, a suspicious domain impersonating AnyDesk — anydeske[.]icu — was reported on Twitter. The site served what appeared to be a legitimate remote access tool but actually delivered a malicious .NET loader.

Learn More

May 30, 2025

Egypt Post Impersonation Linked to Smishing Triad

A recently observed phishing campaign impersonating Egypt Post (البريد المصري) has been attributed to the Smishing Triad, a well-documented cybercriminal group for their phishing (smishing) campaigns across multiple countries. The campaign impersonates Egypt Post, aiming

Learn More

Our services

Partnership

Quick Access

Get Free Exposure Report

Get free exposure report for your domain name which include markets, malwarelogs and breaches

DeXpose Blog

Researches, News, and more

Categories

Top Articles

AnyDesk Clone Drops .NET Loader with AES Encrypted Payload and AV Evasion Delivering Phemedrone Stealer

Egypt Post Impersonation Linked to Smishing Triad

AnyDesk Clone Drops .NET Loader with AES Encrypted Payload and AV Evasion Delivering Phemedrone Stealer

Learn More

Egypt Post Impersonation Linked to Smishing Triad

Learn More

Our services

Partnership

Quick Access

Get Free Exposure Report