Post APilxeUrscR5PPhaVM by ankit_anubhav@infosec.exchange
 (DIR) Post #APiflFf5n6SlBUBj5k by ankit_anubhav@infosec.exchange
       2022-11-18T06:19:24Z
       
       0 likes, 0 repeats
       
       Last week, I mentioned ioc.exchange being used for c2 fronting, where attackers put the next stage in "about me" and the abusing profile was taken down asap by the moderators. This doesn't by any chance show a security issue on the platform. Here is a malware communicating to Twitter, where the hacker has posted a malicious URL as a Twitter status as base64, and it's up since *7+ years* without fail. Hence the key takeaway, as long as the report abuse is taken action on, all is good. cc @jerry @campuscodi @seb @Myrtus @charlesdardaman @gossithedog
       
 (DIR) Post #APilxdmuW3H3D58TzM by avuko@infosec.exchange
       2022-11-18T07:02:46Z
       
       0 likes, 0 repeats
       
       @ankit_anubhav @jerry @campuscodi @seb @Myrtus @charlesdardaman @gossithedog does this by any chance have anything to do with ioc.exchange being on a blocklist somewhere? Something caused/causes the domain to not be allowed on the bird site.
       
 (DIR) Post #APilxeUrscR5PPhaVM by ankit_anubhav@infosec.exchange
       2022-11-18T07:06:54Z
       
       0 likes, 0 repeats
       
       @avuko @jerry @campuscodi @seb @Myrtus @charlesdardaman @gossithedog I do not have evidence to confirm/deny it. However I know of the domain being sadly on blocklists (both public / enterprise specific) for this reason. The abuse predates Elon's takeover when many people including me haven't heard about Mastodon. Probably people thought, it's a rare domain, connects to c2 and very few people use it for legit, so block it.
       
 (DIR) Post #APilxf040dOCyAIV84 by seb@ioc.exchange
       2022-11-18T07:29:53Z
       
       0 likes, 0 repeats
       
       @ankit_anubhav @avuko @jerry @campuscodi @Myrtus @charlesdardaman @gossithedog My guess is that Twitter integrates with VT API. We have been playing catch-up with VT vendors for weeks. You get them to remove you from the block list and then the next day two other vendors block you... https://www.virustotal.com/gui/domain/ioc.exchange