Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft Indicators of Compromise ========================================================================================= [Spammer profiles] https://www.facebook.com/shayra.bano.12914 https://www.facebook.com/Wilburn.Vala.0850643 https://www.facebook.com/profile.php?id=61561858074634 https://www.facebook.com/Dillon.McLoy.0999590 https://www.facebook.com/profile.php?id=61562493923231 https://www.facebook.com/dylan.ottinger.10 https://www.facebook.com/profile.php?id=61561045841871 https://www.facebook.com/muttu.baramgudra https://www.facebook.com/shayra.bano.12914 https://www.facebook.com/profile.php?id=100091793059322 https://www.facebook.com/Carolynn.Swanger.0972572 https://www.facebook.com/Roxana.Degrella.0954947 https://www.facebook.com/Ciara.Farber.0152662 [Stolen pages] https://www.facebook.com/profile.php?id=61550017359903 https://facebook.com/61555812617657 https://facebook.com/100069540584826 https://facebook.com/61556395670857 https://facebook.com/61562174998252 https://facebook.com/BYSABOGADOS https://facebook.com/61550017359903 https://facebook.com/agenciarigo https://facebook.com/100063829913368 https://facebook.com/cadernoinformativo https://facebook.com/EvortoAl https://facebook.com/100091776829087 https://facebook.com/100063938959458 https://facebook.com/175northmainstreetwhartonnj https://facebook.com/100070713015215 https://facebook.com/perfectdayweddingflowersuk https://facebook.com/61559150803484 https://facebook.com/cyclelabz https://facebook.com/ApiNanoOfficial https://facebook.com/100087424360409 https://facebook.com/thomasdextertd https://facebook.com/61558352185092 https://facebook.com/OBJEKTIFSHOOTOFF https://www.facebook.com/Frankowicze2017 https://www.facebook.com/profile.php?id=100076346014672 https://www.facebook.com/profile.php?id=100086295717476 https://www.facebook.com/profile.php?id=100063545642399 https://www.facebook.com/NiezbednikAdwentowy https://www.facebook.com/profile.php?id=61556176354110 https://www.facebook.com/FerOrtizHND https://facebook.com/100063969908263 https://www.facebook.com/profile.php?id=100063679533167 [Link URL] https://linkup.top/helpcenteraccount.us https://linkup.top/businesshelpaccount.us https://linkup.top/businesshelpaccount.us https://bio.link/contactcase82495 https://s.id/meta-helpcenter-case89166 https://metabusinesssupportcenter.linkbio.co/ https://linkup.top/helpcenteraccount.us https://linkup.top/metateamsupport.com https://linkbio.co/verifybussiness https://mssg.me/supportproteam.com https://tinyurl.com/36ahx3es https://dtg-help-277.pages.dev/ [Phishing pages] https://businesscenter.fbb16.click/ https://metaverifybusiness.sp247.click/ https://support-team-account.fbb2024-20.click/ https://techsupportcenter1902.click [Stolen data collector] https://zoro-api.vlhentaiz.com/LoginProcess/ https://usop-api.vlhentaiz.com/LoginProcess/ https://tokyo-api.vlhentaiz.com/LoginProcess/ [Fake websites] evotophoto.com evotoforpc.net [Malicious ITarian configurations] token URL Kia5weA1 itstrq.itsm-us1.comodo.com o2e0uS6K withthreekitties.itsm-us1.comodo.com NBx9nrzO itstrq.itsm-us1.comodo.com LLyOK4DZ nigx2a-msp.itsm-us1.comodo.com [Lumma Stealer C&C server] applyzxcksdia.shop outpointsozp.shop importancedopz.shop applyzxcksdia.shop warrantelespsz.shop aggiledpozm.shop [Hashes] e9ab13c12e16a1f6d1aeac21b000336979ac33f08ef4fe0c0de79a74bd903024 f2782ed28005af0cbc2d242faef16d352b04ba6f654d8d16477c6b5360fff981 d43c8152d85c01429e01ad4d6cb4b3af9b0bfc03da2026d293c5a9d055fa3424 0e70afbd7b2518b7abf718d09597fa8dc26d2e40f4247e3dc6903117a20cd11c d66586c15ba491a1f30273a0598da458bcc5b4a71407ba146206316dced0a969 5d4a3078622db5997016f0d6c699ab524622cc674cddf0721ecc3b4678d31bb6 a1900395acfbdc9913d9368d05a9976ff2547dd560f53786d3c2fbcae3478ef9 48d0b40658c98c0e3c05b9509afc822dddaeeb416967dc30df16feb53c79015d dbe0e8928f89e29c01245ba51638eb3c86a64ec85a5fbc846e4980630edb30de 50e5f670700243535f8ff558831dbbc314b215092f523355aa7a1c26205ece37 50e5f670700243535f8ff558831dbbc314b215092f523355aa7a1c26205ece37 ce416d42fca8e86a84b4257c1d51f79c371d90457d016c397439e09983a3d40a 2f9646f18d3c0d5990e732f1f4288a8a05c1dac01c1a2a0d504f74692b787e71 a48d15cc79993f280af4121ed6b301a6dee3882e39936b5f2d90a0d4b41e119d 24049e34227ef86da65c5a6621cc2333a3e6dc0e12a282ec3635f12f9b570d52 310c711c095554f75406a26c1c2193d4daa7f05e1dc496ed2fb3e4546c3e74a8 b187584e5d168a6e64fc2e84fc6416e199231ccdc985374c72013b64a2e7591c 34e7793b53098cf704956b46b5e5e251aa106086ab70aa9eda19fab38f62a13b 26e8003f9e7046c4d776ed59cbaa6e61a8abecf519f731c2d3e8b7ea31ed0d3f 058d890b17c9b28e30255e079fd228f846e669e3d167e61174d7483d7b1755a0 00268a313003939f7ac6aaaf2f8c9628814c74b5804042e514f9b35781797d62 7bfeb7076c8aaaf05ebb05a13835f34038b11964c999c15951026334e60b772f 83b1dbc812f27b5d1e6f3d410f4e1f1aebc249862f730610158366821887f4fa daa03bec4eab760916059e796627357c480e5c7476c21e549ff2b7ff52597999 c7ff2ba573d7ed7430e4d17afbe373581c88a6b5f46a431938e4791702d2a03a d3649001232536a97e473f5e26ea8ac59672132666c099baec41f438f2e7298d 818cfee8c60eb62553d1522567259385603559137088fbefc1fd13d53e36568f ec9da3c0ec75f89f76514155ad4b8900f7a9a726c0c7d17b797f9b1facdc8363 9ca5fd6ca3630902ab0e20c8a0341d72e810af919e1267a5074d08cc2b0c935c cb1ac980514a5460e2f62c4006c39ea7b8d8cecf20037f367ae4176ddd739f5f 860013af5b467273458f9207a21fb9228a0aa572cd20fa53bd1a527c6822c9d5 82b6c9d6b8ac992c765c27517592173214fb2cdbefbc17234b938c397740720d 0cc0663e4c4510649ac20acad9fb057bf75c9ac3845dec699a143c48a19e477e b55c3359e007e38513cbe7f9739c99525c9724cb02b805e54260abd91219cd3e 39911cb88baf9f5b462ec5081ba58576b1a65c2aa4b3fa1b0c90e6caee0bf81e 0b348cd7d3e4ac0137be8617f3d78c88406a95c389de0e20317cd4b7b21d1241 81070e1704f7bf29ab2b79255cbe4cc29fe06c5b82d35c6521e1f8198d47ea4a 36283a18c88b98e485a2fbe6a37d297d5d90294f5945497034c951d09c4a7f89 772b52bf105a4fbabea5bc6bdb6599dc29f4560ff512288e12dbb539e8d4234b 21ab7330d8df5a5bb80d9b5f8c360db4a5168c1fc5386a4f05b4bdbb29e64461 65157cf38ddf42b9ae78b7c1284cd67652c13d4a3038fcb10f3f0e1b9aed07f2 0f053000273e48280e6293dbc665e5d73b2197d4d9d8556be687e5aae32b70f5 77d09bac89e1cccd15534649c8968005e093efadeb790725daea0c946affca42