[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

@virusbtn Virus Bulletin

Virus Bulletin posts on X about $4704t, $zs, whatsapp, buddy the most. They currently have XXXXXX followers and XXX posts still getting attention that total XXXXX engagements in the last XX hours.

Engagements: XXXXX #

• X Week XXXXXX +67%
• X Month XXXXXXX +117%
• X Months XXXXXXX +32%
• X Year XXXXXXX +40%

Mentions: XX #

• X Week XX +6.90%
• X Month XX +28%
• X Months XXX +6.80%
• X Year XXX +135%

Followers: XXXXXX #

• X Week XXXXXX +0.11%
• X Month XXXXXX +0.30%
• X Months XXXXXX +1.10%
• X Year XXXXXX +1.40%

CreatorRank: XXXXXXX #

Social Influence #

---

Social category influence stocks XXXX% technology brands XXXX% luxury brands XXXX% automotive brands XXXX%

Social topic influence $4704t #8, $zs #55, whatsapp #3189, buddy 0.76%, atomic 0.76%, notification 0.76%, targets 0.76%, asia 0.76%, shell 0.76%, agencies XXXX%

Top accounts mentioned or mentioned by @lindseyod123 @gleeda @johnhammond @wbmmfq @amazon @gendigitalinc @softwareclean @fortinet @totalavcom @jspchc @philofishal @dineshdina04 @darkreading @txhaflaire @cyb3rjerry @jershmagersh @theoneawesomo @russianpanda9xx @rebensk @objective_see

Top assets mentioned Zscaler Inc (ZS) Microsoft Corp. (MSFT)

Top Social Posts #

---

Top posts by engagements in the last XX hours

"Trend Micro researchers Buddy Tancio Aldrin Ceriola Khristoffer Jocson Nusrath Iqra & Faith Higgins analyse a campaign distributing Atomic macOS Stealer (AMOS) in disguised cracked versions of legitimate apps"
X Link @virusbtn 2025-09-05T13:21Z 60.6K followers, 1861 engagements

"Seqrite Threat Research reports Spanish language judicial notification lures targeting Colombian users using SVG HTA VBS and PowerShell stages to download and decode a loader ending with AsyncRAT injected into a legitimate Windows process"
X Link @virusbtn 2025-10-14T08:19Z 60.6K followers, 3584 engagements

"Zscaler ThreatLabz details the latest tactics and tools used by APT37 (ScarCruft/Ruby Sleet/Velvet Chollima) a DPRK-aligned threat actor active since 2012 that targets South Korean individuals connected to the regime or involved in human rights activism"
X Link @virusbtn 2025-09-09T09:04Z 60.6K followers, 2606 engagements

"Trend Micro's Nick Dai & Pierre Lee look into the TAOTH campaign targeting users across Eastern Asia which leveraged an abandoned Sogou Zhuyin IME update server & spear-phishing operations to deliver malware families such as TOSHIS C6DOOR DESFY & GTELAM"
X Link @virusbtn 2025-08-29T10:00Z 60.6K followers, 5390 engagements

"Zscaler ThreatLabz reports two malicious PyPI packages sisaws and secmeasure that deliver SilentSync a Python-based RAT designed to execute remote commands exfiltrate files capture screens and steal browser data from Chrome Brave Edge and Firefox"
X Link @virusbtn 2025-09-18T09:25Z 60.6K followers, 2394 engagements

"Trend Micro researchers identified an active campaign spreading via WhatsApp through a ZIP file attachment. When executed the malware establishes persistence and hijacks the compromised WhatsApp account to send copies of itself to the victims contacts"
X Link @virusbtn 2025-10-03T09:27Z 60.6K followers, 3130 engagements

"FortiGuard Labs details a Stealit campaign that shifts from Electron installers to the Node.js Single Executable Application feature while still posing as game and VPN installers"
X Link @virusbtn 2025-10-13T09:13Z 60.6K followers, 9247 engagements

"In early 2025 Threat Detection & Research reported PolarEdge exploiting CVE-2023-20118 to gain RCE and drop a web shell on routers. A follow-up blog post provides an in-depth technical analysis of the undocumented TLS-based implant"
X Link @virusbtn 2025-10-15T09:35Z 60.6K followers, 1560 engagements

"FortiGuard Labs details the Confucius group shifting from document stealers like WooperStealer to Python-based backdoors such as AnonDoor with spear phishing & weaponised documents hitting South Asian government agencies & defence contractors"
X Link @virusbtn 2025-10-06T09:26Z 60.6K followers, 1734 engagements

"FortiGuard Labs analyses Chaos ransomware which resurfaced in 2025 with a new C++ variant. The analysis provides a walkthrough of its execution flow encryption and clipboard hijacking for cryptocurrency with comparisons to earlier .NET builds"
X Link @virusbtn 2025-10-09T08:40Z 60.6K followers, 3185 engagements

"Trend Micro details the Gentlemen ransomware group showing advanced tooling to bypass enterprise endpoint protections. TTPs include driver abuse GPO manipulation custom anti-AV utilities privileged account compromise and exfiltration"
X Link @virusbtn 2025-09-10T10:46Z 60.6K followers, 2156 engagements

"Cyble Research and Intelligence Labs observes Android campaigns posing as Indian Regional Transport Office apps spreading via WhatsApp & SMS to GitHub-hosted APKs & compromised sites then using phishing pages to collect banking credentials & UPI PINs"
X Link @virusbtn 2025-10-15T08:48Z 60.6K followers, 1388 engagements

"Microsoft Threat Intelligence confirms that Storm 1175 known for deploying Medusa ransomware and exploiting public-facing applications is actively exploiting the CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability"
X Link @virusbtn 2025-10-07T09:44Z 60.6K followers, 1996 engagements

"Zscaler ThreatLabz identifies a campaign active since early May 2025 targeting Chinese-speaking users that delivers ValleyRAT FatalRAT & the newly named kkRAT. The blog details the attack chain and kkRATs features network protocol commands & plugins"
X Link @virusbtn 2025-09-11T10:38Z 60.6K followers, 2767 engagements

"ThreatLabz discovered a multi-stage ClickFix campaign likely affiliated with the Russia-linked APT group COLDRIVER targeting members of Russian civil society. The campaign led to a new downloader BAITSWITCH & a new PowerShell-based backdoor SIMPLEFIX"
X Link @virusbtn 2025-10-01T08:00Z 60.6K followers, 6415 engagements

"Trend Micro researchers examine the past TTPs used by UNC3886 to get a good understanding of the threat group and enhance the overall defensive posture against similar tactics"
X Link @virusbtn 2025-08-11T09:39Z 60.6K followers, 3577 engagements

"Warlock ransomware advertises itself with If you want a Lamborghini please contact me. Trend Micro analyses how it exploits unpatched SharePoint for access privilege escalation credential theft lateral movement and data exfiltration before encryption"
X Link @virusbtn 2025-08-21T09:33Z 60.6K followers, 2807 engagements

"The Resecurity HUNTER Team warns of a mass exploitation of CVE-2025-61882 in Oracle E-Business Suite enabling remote code execution. Several victims received extortion emails from Cl0p in late September 2025"
X Link @virusbtn 2025-10-07T09:42Z 60.6K followers, 3265 engagements

"Trend Micro details EvilAI which disguises itself as productivity/AI apps and is signed to appear legitimate. Infections span Europe the Americas and AMEA hitting manufacturing government and healthcare sectors"
X Link @virusbtn 2025-09-12T10:42Z 60.6K followers, 2145 engagements

"Zscaler's ThreatLabz tracks SmokeLoaders return with new 2025-alpha and 2025 builds after the May 2024 Operation Endgame takedown. The builds fix performance-impacting bugs and update artifacts to evade static and behaviour-based detection"
X Link @virusbtn 2025-09-16T15:29Z 60.6K followers, 3326 engagements

"Threat Research details AdaptixC2 a lightweight open-source C2 with multi-protocol communication advanced evasion and BOF-based extensibility confirming XXX active servers in the wild"
X Link @virusbtn 2025-10-10T08:48Z 60.6K followers, 14.3K engagements