| ▲ | Erlangen 2 hours ago | |
> Notably, the first scan of this URL on the VirusTotal platform occurred in late September, by a user from Taiwan. Could this be the attacker? The scan happened before the hack was first exposed on the forum. | ||
| ▲ | gruez 2 hours ago | parent [-] | |
You would be a dumbass to do that, because virustotal allows security researchers to see submitted samples/urls. The last thing you want to do is to draw attention to your C&C server. | ||