BTC $63442.8276
ETH $3469.7477
BNB $414.4838
SOL $128.8578
XRP $0.6333
ADA $0.7553
DOGE $0.1556
AVAX $42.2817
DOT $9.6926
wstETH $4022.3454
TRX $0.1396
LINK $20.2249
WETH $3455.5461
MATIC $1.0912
UNI $12.3248
WBTC $63402.0644
BCH $454.1971
LTC $89.7149
IMX $3.2697
ICP $13.1197
FIL $10.0810
CAKE $3.2889
ETC $33.3804
LEO $4.7626
ATOM $12.4298
RNDR $7.5236
TON $2.6714
KAS $0.1683
HBAR $0.1120
INJ $39.9268
DAI $0.9998
OKB $57.5556
VET $0.0485
STX $3.0863
FDUSD $0.9998
WEMIX $2.8006
XLM $0.1364
NEAR $4.5218
PEPE $0.0000
XMR $146.1340
LDO $3.3155
GRT $0.3143
ARB $1.9894
THETA $2.3291
TIA $15.9776
ENS $21.4774
CRO $0.1387
BTC $63442.8276
ETH $3469.7477
BNB $414.4838
SOL $128.8578
XRP $0.6333
ADA $0.7553
DOGE $0.1556
AVAX $42.2817
DOT $9.6926
wstETH $4022.3454
TRX $0.1396
LINK $20.2249
WETH $3455.5461
MATIC $1.0912
UNI $12.3248
WBTC $63402.0644
BCH $454.1971
LTC $89.7149
IMX $3.2697
ICP $13.1197
FIL $10.0810
CAKE $3.2889
ETC $33.3804
LEO $4.7626
ATOM $12.4298
RNDR $7.5236
TON $2.6714
KAS $0.1683
HBAR $0.1120
INJ $39.9268
DAI $0.9998
OKB $57.5556
VET $0.0485
STX $3.0863
FDUSD $0.9998
WEMIX $2.8006
XLM $0.1364
NEAR $4.5218
PEPE $0.0000
XMR $146.1340
LDO $3.3155
GRT $0.3143
ARB $1.9894
THETA $2.3291
TIA $15.9776
ENS $21.4774
CRO $0.1387
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Infected VPN clients distribute spyware


    Since May 2022, Bitdefender cybersecurity researchers have discovered that infected VPN installers have been used to deliver EyeSpy spyware.

    The Bitdefender report states that the malicious campaign uses “components of the legitimate monitoring app SecondEye to spy on users of Iran’s 20Speed VPN service using trojanized installers. Most infections occur in Iran, in Germany and the United States - to a lesser extent.

    SecondEye is a commercial activity monitoring software that can work as a parental control system. SecondEye can:

    • take screenshots;
    • record sound from a microphone;
    • register keystrokes;
    • collect files and saved passwords from web browsers;
    • remotely control a computer to execute arbitrary commands.

    The chain of attacks begins when an unsuspecting user downloads a malicious executable from the 20Speed VPN website, indicating two likely scenarios: either the site's servers have been hacked to host spyware, or it is a deliberate attempt to spy on the Iranians who are downloading the VPN to bypass internet outages in the country.

    Once installed, the legitimate VPN service starts up and silently executes malicious commands in the background to establish persistence on the system and download the next step payload to collect personal data from the host.

    Bitdefender researchers have concluded that EyeSpy can completely compromise online privacy through keylogging and theft of sensitive information such as documents, images, crypto wallets and passwords. This can lead to total account takeover, identity theft, and financial loss.

    Author DeepWeb
    Cybercriminals are carving up the darknet market
    In 2023, neural network attacks will become a new milestone in cybersecurity

    Comments 0

    Add comment