Kingz.net has emerged as a prominent underground marketplace specializing in the trade of illicitly obtained digital goods and compromised accounts. Similar to platforms like OGUsers.com, Kingz operates as a hub where cybercriminals can buy, sell, and trade various digital assets acquired through malicious means. The marketplace primarily deals in: Compromised social media accounts, Stolen gaming accounts, Hacked streaming service credentials, and other digital assets.
Torrents@TorrentsKey features of MisterioLNK include support for five loader methods: HTA, BAT, CMD, VBS, and LNK. It also offers three obfuscation methods specifically for VBS, CMD, and BAT, with plans to add support for HTA obfuscation in the future. Furthermore, the tool allows users to customize the icon of LNK files, enhancing its deceptive capabilities.
The project is currently in its beta phase, with the developer acknowledging potential bugs and issues. Users are encouraged to report any problems through the project's GitHub Issues page. Notably, the author explicitly disclaims responsibility for any illegal activities conducted using this software, emphasizing that users bear the responsibility of ensuring their actions comply with applicable laws and regulations. The figure below displays the original GitHub post by the developer.
Figure 1 - GitHub Page for MisterioLNK
Threat Actors (TAs) have begun leveraging the MisterioLNK loader builder to create heavily obfuscated files for distributing various malware strains. Notable examples include Remcos RAT, DC RAT, and BlankStealer. What's particularly concerning is the high evasion rate of these loaders—many are successfully bypassing detection by a majority of security vendors, highlighting the sophisticated nature of this tool and its potential for widespread misuse in cybercriminal operations.