BC GOOGLE

Saved by @SteveeRogerr

Lesley Carhart
@hacks4pancakes 3 years, 3 months ago 595 views

Save to PDF Share See On Twitter

Good morning to all of you well rested infosec folks who are just now waking up to this newest catastrophe :)

Fine, fine, I’ll be nice. While you were sleeping, Google security notified of a long term (allegedly DPRK) SE campaign targeting infosec researchers on Twitter, ingratiating themselves into the community with minor research and blogs, then sending them malicious links and code.

The list of accounts is in the blog and 3 or 4 accounts were very active, messaged and drew in a ton of researchers, and successfully got some to execute malicious code in the name of exploit research. My thread is full of stories and screenshots. They hit a ton of people.

Here is the blog. https://t.co/T3No8Hj7xy

There are still a lot of unsubstantiated rumors and humble brags floating around about what else they did, so I would stick to the blog for now.

You need to check if you (or your team on work machines) interacted with any of these people, potentially followed malicious links, or amplified their social media posts.

@LawrenceAbrams also did not sleep: https://t.co/98UGrOk9fL

North Korean hackers are targeting security researchers with malware, 0-days - @LawrenceAbrams https://t.co/CkyMl6daoQ
— BleepingComputer (@BleepinComputer) January 26, 2021

Anyway https://t.co/FNL9H3uZDh

Am I doing this right? pic.twitter.com/MmxvYF6cJJ
— fraggLe! (@fwaggle) January 26, 2021

Here is a particularly poignant and well documented one, as he discovers in real time what happened... https://t.co/uibzAnNNUn

Hey folks, story time. A guy going by the name James Willy approached me about help with a 0-day. After providing a writeup on root cause analysis I realized the visual studio project he gave me was backdoored.
— Alejandro Caceres (@_hyp3ri0n) January 26, 2021

Anyway this is all novel not so much for the established sock accounts and Twitter SE (which *ahem* some researchers have been dealing with for ages 🤷🏻‍♀️🍸) but more because of the tactics of tricking exploit researchers into running malicious code, and burning a Chome 0day.

Good luck, all. VM all the things, and assume every inbound DM is gonna be a dickpic!

(This is also a very funny 5am joke because one of the fake people they used was named James Willy. Thank you, I have been here all night.)

You May Also Like

Learning @ Prakash
@Prakashplutus

My simple Approach towards Breakout trading :

1. Scan stocks on the basis of FTDB Scanner.

2. Buy stocks with EMA-9> EMA-21> EMA-63 > EMA 200 & Volume 200% up

3. maximum SL of 1.25X ( ATR )

4. I do breakout trading only in Nifty -500 stocks

#StockMarket
#trading
#Nifty

Steve
@braidedmanga

Ivor Cummins has been wrong (or lying) almost entirely throughout this pandemic and got paid handsomly for it.

He has been wrong (or lying) so often that it will be nearly impossible for me to track every grift, lie, deceit, manipulation he has pulled. I will use...

... other sources who have been trying to shine on light on this grifter (as I have tried to do, time and again:

Ivor Cummins BE (Chem) is a former R&D Manager at HP (sourcre: https://t.co/Wbf5scf7gn), turned Content Creator/Podcast Host/YouTube personality. (Call it what you will.)
— Steve (@braidedmanga) November 17, 2020

Example #1: "Still not seeing Sweden signal versus Denmark really"... There it was (Images attached).
19 to 80 is an over 300% difference.

Tweet: https://t.co/36FnYnsRT9

Example #2 - "Yes, I'm comparing the Noridcs / No, you cannot compare the Nordics."

I wonder why...

Tweets: https://t.co/XLfoX4rpck / https://t.co/vjE1ctLU5x

Example #3 - "I'm only looking at what makes the data fit in my favour" a.k.a moving the goalposts.

Tweets: https://t.co/vcDpTu3qyj / https://t.co/CA3N6hC2Lq

Advertisement

Vibhu Vashisth
@VIBHU_Tweet

Do you know?

The Golden Shine on the artificial jewellery of modern times is a gift by Nagarjuna.

Now,u might be wondering,who is Nagarjuna?

Nagarjuna was the name of an ancient Indian scholar&scientist whose name is associated with the fields of Alchemy,Chemistry& Metallurgy.

He conducted a number of alchemic and Metallurgical experiments directed towards transforming base elements into Gold.
According to Eduard Sachau's Alberuni's India, Nagarjuna was termed as a Metallurgist who was born 100 yrs before Alberuni's time, who was born in 973 CE.

According to some records Nagarjuna was born in 9th century CE near Somnath,Gujarat and according to some Tibetan & Chinese sources he was born in Vidarbha,Maharashtra from where he later migrated to Deccan region.

Edward Schau quotes in his book,'They have a science similar to Alchemy and Nagarjuna is famous for this science which they call as 'Rasayana'.

Nagarjuna's book 'Rasaratnakara' is one of the earliest documented texts on Alchemy,Chemistry & Metallurgy in Sanskrit.Nagarjuna successfully discovered through his experiments the alchemy of transmutation of base metals into Gold.This was not real gold but a gold like substance.

Rudy Havenstein, liste...
@RudyHavenstein

I hate when I learn something new (to me) & stunning about the Jeff Epstein network (h/t MoodyKnowsNada.)

Where to begin?

So our new Secretary of State Anthony Blinken's stepfather, Samuel Pisar, was "longtime lawyer and confidant of...Robert Maxwell," Ghislaine Maxwell's Dad.

"Pisar was one of the last people to speak to Maxwell, by phone, probably an hour before the chairman of Mirror Group Newspapers fell off his luxury yacht the Lady Ghislaine on 5 November, 1991." https://t.co/DAEgchNyTP

OK, so that's just a coincidence. Moving on, Anthony Blinken "attended the prestigious Dalton School in New York City"...wait, what? https://t.co/DnE6AvHmJg

Dalton School...Dalton School...rings a

Oh that's right.

The dad of the U.S. Attorney General under both George W. Bush & Donald Trump, William Barr, was headmaster of the Dalton School.

Donald Barr was also quite a

Donald Barr had a way with words. pic.twitter.com/JdRBwXPhJn
— Rudy Havenstein, listening to Nas all day. (@RudyHavenstein) September 17, 2020

I'm not going to even mention that Blinken's stepdad Sam Pisar's name was in Epstein's "black book."

Lots of names in that book. I mean, for example, Cuomo, Trump, Clinton, Prince Andrew, Bill Cosby, Woody Allen - all in that book, and their reputations are spotless.

Anshul Pandey
@Anshulspiritual

THE IMPORTANCE OF DEVI BEEJ / BIJA MANTRA.

Once Suutji in his discourse with King Janmajeya repeated the words of Vyasji regarding the pronounciation of the word ऐ. Vyasji had heard the importance of this word in a meeting of all important saints at Naimisharanya.

There this story was discussed.

In that gathering of such great sages, Rishi Jamdagni asked a question to all the eminent luminaries. He wanted to know which diety is the most revered and gets satisfied easily with our prayers. So Lomash rishi replied that Devi

Bhagwati was one such diety. She will be satisfied and is ready to grant you a boon even if you just say the first letter of her beej mantra. In this context he narrated the story of Satyavrat. The story is as follows.

There lived a Brahmin named Devdutt in Kosal.

He was childless. He arranged for an elaborate yagya for a intelligent son to be born. He invited all the eminent rishi's to conduct this Yagya. Rishi Suhotra, Pael, Brahaspati Yagyavalka were assigned different tasks. Rishi Gobhil was asked to sing the Saamved.

He sang the verses very well, but he had to take respite in order to breathe between two verses. This angered devdutt. He spoke his thoughts to Gobhil rishi.

The rishi got very angry as devdutt did not realise the practicalities of singing. He cursed devdutt that