Threat Intelligence Report: Premium VPN Android — Confirmed Spyware with Active Data Exfiltration
TLP:CLEAR — This report may be freely shared without restriction.
About This Site
This site publishes independent threat intelligence research produced by Sam Dalgleish (@CyberFrenchie), a cybersecurity researcher and final-year BSc Digital Security & Forensics student at Glasgow Caledonian University.
Each report investigates malicious IP infrastructure, malware families, and indicators of compromise (IOCs) using open-source tools and publicly available threat data.
Methodology
Reports follow a structured intelligence workflow:
- IOC identification via ThreatFox, VirusTotal, and open threat feeds
- Infrastructure analysis using Shodan, WHOIS, and geolocation cross-referencing
- Malware behavioural analysis via sandbox environments
- Defensive recommendations for detection and containment
Reports
Recent Posts
Threat Intelligence Report: Remcos RAT C2 Infrastructure Investigation
TLP:CLEAR — This report may be freely shared without restriction.
Threat Intelligence Report: GHOST RAT C2 Infrastructure Investigation
TLP:CLEAR — This report may be freely shared without restriction.