Filter
Exclude
Time range
-
Near
Andre Gironda@AndreGironda
19 Dec 2025
Mintsloader Finger protocol Hashtable obfuscation -- blackpointcyber.com/blog/min…

New MintsLoader Variant Using Hashtable Obfuscation

Here's how a recent Fake Captcha campaign leveraged the Finger protocol to deliver a MintsLoader variant using Hashtable-based obfuscation.

blackpointcyber.com
1
2
225
RussianPanda 🐼 🇺🇦
@RussianPanda9xx
12 Dec 2025
New video dropped! 🤓 Vibe hunting through @ValidinLLC with no preparation at all, just pivoting on whatever looks interesting and seeing where it takes us 🐇🕳️ We stumbled across SmartApe, SmokedHam, Mintsloader ... Also caught up with Kenneth, the mind behind Validin! 🧠 youtu.be/yRjae5iuDTY

Validin Vibes: Threat Hunting but Make It Chaotic. No Methodology....

Sometimes threat hunting is less about rigid methodology and more a...

youtube.com
2
20
78
10,134
Silent Push
@silentpush
11 Nov 2025
Heads up – we’re doing a webinar this Thursday on Domain Search PADNS early detection, with a few real-world examples from #Kimsuky, #TA2726, and #Mintsloader investigations. Register here 👉 hubs.ly/Q03SC0Wk0

Webinar - Unlocking Preemptive Detection

Stay ahead of attacks by turning Silent Push's extensive PADNS and scan data into an early warning system.

info.silentpush.com
1
2
6
608
Cert AgID@AgidCert
3 Sep 2025
🇮🇹 Riprendono le attività delle campagne #MintsLoader ⚠️ Dopo una lunga pausa estiva, nella giornata di ieri è stata osservata una nuova campagna #MintsLoader via #PEC, la prima dopo quella registrata lo scorso giugno. ℹ️ Approfondimenti e #IoC 👇 🔗 cert-agid.gov.it/news/ripren…
1
3
11
623
Gianni Amato@guelfoweb
4 Jul 2025
➡️ Individuata una nuova campagna ita #MintsLoader tramite messaggi inviati da caselle #PEC compromesse ➡️ Rilevata una nuova campagna di smishing ai danni di #INPS, finalizzata alla sottrazione di dati e documenti personali ➡️ Continua phishing con nome e il logo di #PagoPA
Cert AgID@AgidCert
4 Jul 2025
Sintesi riepilogativa delle campagne malevole nella settimana del 28 giugno – 4 luglio 2025 💣 #IoC 2723 🦠 #Malware 15 (famiglie) 🐟 #Phishing 19 (brand) ℹ️ Ulteriori approfondimenti 👇 🔗 cert-agid.gov.it/news/sintes…
2
8
624
Threat Intelligence@threatintel
17 Jun 2025
#ThreatProtection #MintsLoader #Malware #Campaign hits Italian PEC users with Calendar-aware tactics. Read more about Symantec's protection: broadcom.com/support/securit… #Cybercrime #Cybersecurity
3
1,202
Cert AgID@AgidCert
4 Jun 2025
🇮🇹 Nuova campagna #MintsLoader conferma una mirata strategia temporale 🔎 Colpire esclusivamente nelle giornate feriali, quando gli utenti sono più inclini a consultare le email lavorative, specialmente se a seguito di una pausa. 🔗 cert-agid.gov.it/news/nuova-…
1
4
6
819
JAMESWT@JAMESWT_WT
4 Jun 2025
#MintsLoader > #PEC #Italy 👇 brettesxes.]com/1.php?s=flibabc12 abckdkfkgdjnkhe.]top/zeqvk8x13ghtr.php Samples👇 @luc4m bazaar.abuse.ch/browse/tag/a… #MintsLoader #Spain geronimo.]website/1.php?s=flibabc12 glmhhdcmgcfddbk.]top/upow4fi5hvhtr.php ❇️Summary bazaar.abuse.ch/browse/tag/1…
2
4
28
4,287
Recorded Future@RecordedFuture
14 May 2025
📹 RSAC replay! Deconstructing MintsLoader: A practical Approach to Malware Research TJ Nelson and Justin Grosfelt from Recorded Future explore this sophisticated threat through hands-on reverse engineering techniques. See this session and all the others on-demand. bit.ly/43mx9wA
0:21
4
5
849
JAMESWT@JAMESWT_WT
7 May 2025
Related "#MintsLoader: #StealC and BOINC" samples covered 👇 bazaar.abuse.ch/browse/tag/i… extra bazaar.abuse.ch/browse/tag/6… Boinc virustotal.com/gui/file/91e4…
Mangusta@Tac_Mangusta
7 May 2025
Replying to @Tac_Mangusta
Some #MintsLoader "temp" url in common 11/2024 4c45dcb97fd466caca3ad9a556b2367148fe497b3055bddd378876272f2ad957 01/2025 esentire.com/blog/mintsloade… 04/2025 3B84447288C2F0D93F40EB745E1126DC947D0DEFBDBE1BF1D62BFAD5B67031E4
7
26
5,081
Mangusta@Tac_Mangusta
7 May 2025
Some #MintsLoader "temp" url in common 11/2024 4c45dcb97fd466caca3ad9a556b2367148fe497b3055bddd378876272f2ad957 01/2025 esentire.com/blog/mintsloade… 04/2025 3B84447288C2F0D93F40EB745E1126DC947D0DEFBDBE1BF1D62BFAD5B67031E4
3
5,265
JAMESWT@JAMESWT_WT
7 May 2025
Mentioned #MintsLoader via #Italy #PEC Samples 👇 bazaar.abuse.ch/browse/tag/l… ⛔️C2 lknafbafiiclfgl[.]top sdfjkhgyu6wjkhlasyhd[.]op
Cert AgID@AgidCert
6 May 2025
🇮🇹 Nuova campagna #MintsLoader diffonde il malware #Stealc attraverso caselle #PEC compromesse 🎯 #Stealc infostealer (MaaS) ➡️ browser ➡️ estensioni ➡️ wallet di criptovalute ➡️ client email ➡️ altre applicazioni ℹ️ Approfondimenti e #IoC 👇 🔗 cert-agid.gov.it/news/nuova-…
5
23
1,901
Cert AgID@AgidCert
6 May 2025
🇮🇹 Nuova campagna #MintsLoader diffonde il malware #Stealc attraverso caselle #PEC compromesse 🎯 #Stealc infostealer (MaaS) ➡️ browser ➡️ estensioni ➡️ wallet di criptovalute ➡️ client email ➡️ altre applicazioni ℹ️ Approfondimenti e #IoC 👇 🔗 cert-agid.gov.it/news/nuova-…
5
7
4,683
Cyber_OSINT@Cyber_O51NT
6 May 2025
Experts report that MintsLoader, a malware loader first spotted in 2024, uses obfuscated JavaScript and PowerShell to deliver GhostWeaver RAT, employing evasion tactics and targeting industries through phishing campaigns. #Cybersecurity #Malware ift.tt/NSsPtzJ

Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks

MintsLoader is a malware loader delivering the GhostWeaver RAT via a multi-stage chain using obfuscated JavaScript and PowerShell.

securityaffairs.com
2
5
781
Nicolas Krassas
@Dinosn
5 May 2025
Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks securityaffairs.com/177448/m…

Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks

MintsLoader is a malware loader delivering the GhostWeaver RAT via a multi-stage chain using obfuscated JavaScript and PowerShell.

securityaffairs.com
5
24
2,466
Pierluigi Paganini - Security Affairs@securityaffairs
5 May 2025
Experts shared up-to-date C2 domains and other artifacts related to recent #MintsLoader Attacks securityaffairs.com/177448/m… #securityaffairs #hacking #malware @TheRecord_Media

Experts shared up-to-date C2 domains and other artifacts related to recent MintsLoader attacks

MintsLoader is a malware loader delivering the GhostWeaver RAT via a multi-stage chain using obfuscated JavaScript and PowerShell.

securityaffairs.com
2
3
365
Eugen Volosyan@eugen_volosyan
5 May 2025
#MintsLoader Drops #GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks thehackernews.com/2025/05/mi…

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

Stealth malware MintsLoader delivers GhostWeaver RAT Evades sandboxes using DGA Powers data theft via encrypted C2

thehackernews.com
5
7
388
Dr.Philippe Vynckier, CISSP - Influencer
@PVynckier
4 May 2025
MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques gbhackers.com/mintsloader-ma…

1
1
4
127
Dr.Philippe Vynckier, CISSP - Influencer
@PVynckier
4 May 2025
MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks thehackernews.com/2025/05/mi…
1
73
Nicolas Krassas
@Dinosn
4 May 2025
MintsLoader Malware: Advanced Evasion Techniques Target Industrial Sector securityonline.info/mintsloa…

MintsLoader Malware: Advanced Evasion Techniques Target Industrial Sector

Recorded Future analysis exposes MintsLoader, a stealthy malware loader using advanced evasion to target industrial, legal, and energy sectors.

securityonline.info
6
23
3,120
Load more