Brutkey

Xavier Knol :donor:
@XEJKnol@infosec.exchange

Hello, I am Xavier, and welcome to my profile.

My interests include:
#science #politics #IT #Policy #ComputerScience #OSINT #infosec #cybercrime

Disclaimer: Views expressed are my own and do not represent those of my employer.

infosec.exchange donor


Notes
629
Following
0
Followers
0
Github
https://github.com/XEJK
LinkedIn
https://www.linkedin.com/in/xejknol
Twitter
https://www.twitter.com/XEJKnol
GPG
EC879E1A8DCA32DFCF1672BE4A6FB11930D3BBF4
Xavier Knol :donor:
@XEJKnol@infosec.exchange

I am now at liberty to reveal that I along with some other colleagues at #FoxIT in collaboration with government partners such as the #NCSC_NL was personally involved in securing the digital infrastructure of the #natosummit in The Hague this past week.

It was an amazing experience and an honor to have been able to contribute to securing such an important international event.

https://www.linkedin.com/posts/xejknol_nato2025-cybersecurity-foxit-activity-7344791867739299840-yhfz

#nato #natosummit #NATO2025 #natosummit2025 #thehague #thenetherlands #cybersecurity #security

Xavier Knol :donor:
@XEJKnol@infosec.exchange

While I may publish a more complete blog post about this later, I also sent this on Twitter to make #Github aware of it quicker. However, I felt that I should also publish it here.

I recently came upon this post on Reddit:
https://www.reddit.com/r/cybersecurity_help/comments/196qhup/how_do_i_remove_this_malware/

Which awakened my curiosity about this user who has quite a few repos with multiple stars: github[.]com/AppsForDesktop

Looking at their profile, I noticed various repos claiming to be desktop apps for various popular websites and apps.

When I investigated these repos in my sandboxes, I discovered they installed the file cnertucbrcaj[.]exe and performed various persistence techniques, adding several exclusions to Defender and uninstalling various Windows security components such as MRT.

After which it of course connected to various Monero mining pools.

#malware #cybersecurity #cryptominers #cybersec #securityresearch

