1 616
مشترکین
+124 ساعت
-77 روز
+3330 روز
در حال بارگیری داده...
کانالهای مشابه
هیچ دادهای
مشکلی وجود دارد؟ لطفاً صفحه را تازه کنید یا با مدیر پشتیبانی ما تماس بگیرید.
ابر برچسبها
هیچ دادهای
مشکلی وجود دارد؟ لطفاً صفحه را تازه کنید یا با مدیر پشتیبانی ما تماس بگیرید.
اشارات ورودی و خروجی
---
---
---
---
---
---
جذب مشترکین
ژوئیه '26
ژوئیه '26
+6
در 0 کانالها
ژوئن '26
+122
در 3 کانالها
Get PRO
مه '26
+116
در 1 کانالها
Get PRO
آوریل '26
+92
در 2 کانالها
Get PRO
مارس '26
+104
در 2 کانالها
Get PRO
فوریه '26
+369
در 2 کانالها
Get PRO
ژانویه '26
+8
در 2 کانالها
Get PRO
دسامبر '25
+49
در 0 کانالها
Get PRO
نوامبر '25
+253
در 2 کانالها
Get PRO
اکتبر '250
در 0 کانالها
Get PRO
سپتامبر '25
+1 037
در 1 کانالها
| تاریخ | رشد مشترکین | اشارات | کانالها | |
| 11 ژوئیه | 0 | |||
| 10 ژوئیه | +1 | |||
| 09 ژوئیه | +1 | |||
| 08 ژوئیه | 0 | |||
| 07 ژوئیه | 0 | |||
| 06 ژوئیه | 0 | |||
| 05 ژوئیه | 0 | |||
| 04 ژوئیه | 0 | |||
| 03 ژوئیه | 0 | |||
| 02 ژوئیه | 0 | |||
| 01 ژوئیه | +4 |
پستهای کانال
| 2 | featured articles
EN
https://flare.io/learn/resources/blog/falkonc2
https://www.brinztech.com/breach-alerts/brinztech-alert-falkonc2-rat-rotemelli-dark-web-sale-0-day-evasion/
https://meterpreter.org/falkonc2-malware-analysis/
https://thehackernews.com/2026/06/threatsday-bulletin-ai-agents-gone.html#trusted-tools-abused
https://x.com/akaclandestine/status/2055791042147041552
https://x.com/DarkWebInformer/status/2060892709200564357
RU
https://www.securitylab.ru/news/573464.php
https://techora.ru/news/flare-obnaruzhila-freymvork-falkonc2-dlya-skrytogo-2026-06-07
SK
https://slovakia.news-pravda.com/eu/2026/06/07/326983.html | 290 |
| 3 | Rotemelli1 ports and database will be deleted at Midnight as we are permanently discontinuing Rotemelli1
Backup your infected systems
We are not back on telegram. This is just a friendly reminder for members not in the Simpex Channel who do not get the notifications you can use the new private updates channel
https://t.me/+RJy7lXtqEp9jZDA5
the simplex channel has been deleted. contacts are intact | 404 |
| 4 | FALSE COMPROMISE NOTICE
users brought to our attention today there was a misleading message posted to our channel days ago
'Falkonc2 has been compromised. contact for negotiation'
first of all we never saw any such message because the attacker probably deleted the message so we had no idea such a thing had happened until a user brought to our attention today because we were working on a new morpher and did not notice that activity
this is not the first time we have experienced this with telegram so its not as surprising because telegram used to manually disable our channels of communication when we used to publish public poc and works and we moved to private groups and attacker somehow got access to the group and posted a misleading message and an ad
most people or attackers have known us to reject posting ads in any channel associated with us and we recently received a message from couple of apts and loaders asking for ads placement but we refused and someone probably had to use a telegram 0day or access to our backup account to post such misleading message
as of this writing we are fed up and leaving telegram completely for these numerous errors and unapproved access
our updates and private channel has been moved to simplex
link below. goodbye
https://smp12.simplex.im/c#qWGsadvrIodXHMDrDPra2_S0QX-UtrIsQFWWEEeQG24
ANY OTHER MESSAGE SENT AFTER THIS MESSAGE IS FAKE AND NOT FROM US | 3 266 |
| 5 | Extra Security Additions
[!] Windows agent will use a unified tor proxy routing feature for communications to remove traces of operation to affiliate system completely
[!] Javascript and CSS will be removed completely from the clearnet and tor cdn to improve load time and speed
[!] Affiliate logon to the windows agent will now require a compulsory 4 digit decryption pin for all systems and communication to the central c2 server to add an extra layer of security which prevents account takeover through KeyID file
[!] PGP key encryption will be compulsory for all windows agent downloads to prevent account takeovers and binary exposure
falkonC2 Comms. | 473 |
| 6 | Additions in falkonC2 v3 Cherenkov
Signed stubs with legitimate certificates
Quickbooks company data and backup file extractor
Privilege escalation to SYSTEM/NTAUTHORITY
DNSFORGE banking and crypto addon
Morpher for Microsoft Endpoint and Security
1 SURPRISE FEATURE
Coming this July
falkonC2 Comms. | 754 |
| 7 | falkonC2 DNSFORGE feature to replace legitimate banking and crypto websites with a scampage or sniffer whilst domain and ssl certificate remains unchanged
Currently works on all Google Chrome versions
Coming this July
falkonC2 Comms. | 1 307 |
| 8 | EARLY JULY V3 CHERENKOV | 358 |
| 9 | Support will be online soon We took some time off from depression and debugging Sorry for inconvinience caused We turned on automated maintenance system which will keep the servers online till we return without interruptions
falkonC2 Comms. | 625 |
| 10 | exploit has been upgraded to LPE with no external dependencies
stubs will now run with SYSTEM privileges by default enabling direct controls and system level access to the following;
killing most av agents silently
extracting quickbooks customer and payment data
extracting chrome cookies autofills passwords
running infected systems as ddos pool
replacing accounting software with duplicate versions to reroute transactions
dumping kerberos tickets and ntlm hashes of the system
etc
falkonC2 Comms. | 748 |
| 11 | falkonC2
new morpher
polymorphism
startup persistence
no disk
falkonC2 Comms. | 696 |
| 12 | We received reports about lost requests and messages with the qTox support service
For this reason qTox communication has been discontinued permanently
Use the alternative below which is has been vetted as stable and secure
falkonC2 SimpleX Support (simplex.chat/downloads/)
https://smp10.simplex.im/a#jEhRodC0hqitonn7HEdgEVSLvevnR7FDk9OGkl2J4A8
falkonC2 Comms. | 3 780 |
| 13 | Telegram support contact has been deactivated infect immediately
Please write to qTox support from here on for quick support and entry requests
The following changes will be applied next week ahead of upcoming update
• falkonC2 Tor CDN will be updated to newer version as well as new Clearnet CDN to increase download speed to 80% faster as compared to Tor
• Various profiles on forums will be deactivated except T1erOne Forum
• Rate limiting will be introduced in the Central Stub Assembler
• Device limit will be applied in the agent to prevent affiliate account hijacking (uploading your license file to upload services such as temp[.]sh limewire[.]com mega[.]nz automatically grants administrators of these services permission to extract your logs from the agent using the license file you uploaded to their service just to transfer it to another pc; We delt with similar situation yesterday and we do not advise you to use public service for transfer of license or agent simple alternative is to use scp or sftp)
• New pool of domains will be deployed to replace old domains and will use an independent cdn not cloudflare routed even though stubs are not detected with the old domains we just like to be a step ahead of backups for smooth operation
• Resident loader will be diabled for other public malware families and focus solely on private projects and rmms
We have seen the Telemetry and FlareIO report published recently; We are not worried about the reports as long as affiliates are targetting the right systems
Get qTox Support - @falkonc2
Enjoy the rest of the week | 808 |
| 14 | Direct privilege escalation 0day has been cut down to required size to fit into the stub with compatibility options for windows 7-vista being worked on currently windows 8-11 is done with Microsft Defender detection bypass embedded
Sophos EDR bypass for screenconnect and datto is also done as of this morning
TrendMicro bypass and Bitdefender new morpher in coming weeks
Enjoy the rest of the week | 996 |
| 15 | ie.
FalkonC2 agent is fileless as the trojan stub itself meaning the agent does not need active system components such as ip address and hwid for communication and the infected systems do not lay on your system its all based on our central server which is dynamic to an extent you can switch systems and devices without loosing a single machine because communication is securely routed to our central server not your ip address or system directly so feel safe to change systems if you wish to just extract your token file and you are good to go this was the main focus of the project to be as fileless and dynamic as possible unlike traditional other trojans
we read reviews about researchers theming this project as a copy of other rats on the market; well there is one answer there is no current rat with similar capabilities closer to the thin size of our stubs so how did we copy other code and not get bloated size like others
everything was written from scratch in a year going through several versions and finally landing a permanent version old affiliates already know this
everything from c2 to stub to webserver to assembler was written from scratch in c++ and masm64 this is why nginx and apache exploits do not work on our webserver we are not dependent on public software
we hope this answers your individual questions | 1 111 |
| 16 | Telegram Support will be disabled and deleted at end of month due to upcoming update which will affect certain security organizations
Please resort to qTox support as main secure support option
qTox Support (https://qtox.github.io/)
1D8BA9C3728ED85EDB33AC70F547A77A27940C2EC09F3F517B8F3998BC4BC816881A31D66014 | 854 |
| 17 | Telegram Support will be disabled and deleted at end of month due to upcoming update which will affect certain security organizations
Please resort to qTox support as main secure support option
qTox - 1D8BA9C3728ED85EDB33AC70F547A77A27940C2EC09F3F517B8F3998BC4BC816881A31D66014 | 1 |
| 18 | FalkonC2 Rotemelli2 Slots Sold Out
What to expect in the next upcoming updates
'Big surprise for initial access brokers'
'Big surprise for spammers and cc brokers'
'Big surprise for Sophos and TrendMicro'
Cheers to successful work and enjoy the rest of the week
Contact Support - @falkonc2 | 878 |
| 19 | Slots Open For Rotemelli2
Request Slot - @falkonc2 | 14 |
| 20 | DEMO 284
System - Windows 11 Enterprise
Endpoint - Microsoft Defender
MOE - ScreenConnect by ConnectWise
Exploit - AV Bypass + Silent
Module - BSOD Screen Disrupter For VNC/HVNC Agents
Privilege Level - NT AUTHORITY\SYSTEM
Location - Australia OCEANIA
Contact Support - @falkonc2 | 1 286 |
