Tag: rat
-
CaaS Surges in 2025, Along With RATs, Ransomware
Cybercrime-as-a-Service (CaaS) now accounts for 57% of all cyberthreats, marking a 17% increase from the first half of 2024, according to Darktrace’s Annual Threat Report. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/caas-surges-in-2025-along-with-rats-ransomware/
-
Btmob RAT: A New Evolution of Android Malware Targets Users via Phishing Sites
A newly discovered Android malware, Btmob RAT, has been identified as a major threat to mobile users. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/btmob-rat/
-
SystemBC RAT Now Targets Linux, Spreading Ransomware and Infostealers
SystemBC RAT now targets Linux, enabling ransomware gangs like Ryuk Conti to spread, evade detection, and maintain encrypted C2 traffic for stealthy cyberattacks. First seen on hackread.com Jump to article: hackread.com/systembc-rat-targets-linux-ransomware-infostealers/
-
Threat Actors Exploit ClickFix to Deploy NetSupport RAT in Latest Cyber Attacks
Threat actors have been observed using the increasingly common ClickFix technique to deliver a remote access trojan named NetSupport RAT since early January 2025. NetSupport RAT, typically propagated via bogus websites and fake browser updates, grants attackers full control over the victim’s host, allowing them to monitor the device’s screen in real-time, control the keyboard and mouse, upload…
-
The Best DAST & SAST Tools
Tags: access, ai, api, application-security, authentication, awareness, cloud, cyberattack, cybersecurity, docker, framework, HIPAA, injection, PCI, rat, risk, risk-management, service, software, sql, supply-chain, tool, vulnerability, vulnerability-management Tools for dynamic and static application security testing help developers harden their source code. We show you the best tools for this purpose. The software supply chain and its vulnerabilities have caused quite a stir in recent years. A particularly headline-grabbing example is the attack on the IT service provider SolarWinds, which affected more than 18,000 customer organizations.…
-
NetSupport RAT Grant Attackers Full Access to Victims Systems
The eSentire Threat Response Unit (TRU) has reported a significant rise in incidents involving the NetSupport Remote Access Trojan (RAT) since January 2025. This malicious software, originally designed as a legitimate IT support tool, has been weaponized by cybercriminals to gain full control over victim systems. Attackers leveraging NetSupport RAT can monitor screens, control input…
-
NanoCore RAT Attack Windows Using Task Scheduler to Captures keystrokes, screenshots
NanoCore, a notorious Remote Access Trojan (RAT), continues to pose a significant threat to Windows systems. This malware, known for its espionage capabilities and modular design, is being leveraged by cybercriminals to exfiltrate sensitive data, control infected systems, and maintain persistence using advanced techniques. A recent analysis of a NanoCore sample (MD5 hash: 18B476D37244CB0B435D7B06912E9193) sheds…
-
SmartApeSG Campaign Uncovered: A Deep Dive into NetSupport RAT Distribution and Suspected Threat Actor Connections
A recent investigation by Team Cymru has revealed an intricate web of malicious infrastructure linking the SmartApeSG FakeUpdate First seen on securityonline.info Jump to article: securityonline.info/smartapesg-campaign-uncovered-a-deep-dive-into-netsupport-rat-distribution-and-suspected-threat-actor-connections/
-
18,459 Devices Compromised Worldwide Via XWorm RAT Builder
Tags: rat First seen on scworld.com Jump to article: www.scworld.com/brief/18459-devices-compromised-worldwide-via-xworm-rat-builder
-
XWorm RAT builder leveraged for widespread device compromise
Tags: rat First seen on scworld.com Jump to article: www.scworld.com/brief/xworm-rat-builder-leveraged-for-widespread-device-compromise
-
Weaponised XWorm RAT Builder Attacking Script Kiddies To Hack 18,000 Devices
A recent cybersecurity attack involving a Trojanized version of the XWorm Remote Access Trojan (RAT) builder has compromised over 18,000 devices worldwide. This sophisticated malware, primarily distributed via GitHub repositories, Telegram channels, and other platforms, has targeted cybersecurity novices, also known as “script kiddies,
-
Consumer Advice Centre's Advice on the ePA: Either Active Maintenance or Outright Objection
Tags: rat First seen on datensicherheit.de Jump to article: www.datensicherheit.de/rat-verbraucherzentrale-epa-aktivitaet-pflege-grundsatz-widerspruch
-
New NonEuclid RAT Evades Antivirus and Encrypts Critical Files
NonEuclid, a sophisticated C# Remote Access Trojan (RAT) designed for the .NET Framework 4.8, has been shown to pose a significant and ever-evolving cyber threat. The malware leverages a multifaceted approach to evade detection and maintain persistence, employing advanced techniques such as antivirus bypass, anti-detection mechanisms, anti-virtual machine checks, rootkit-like capabilities to conceal its presence, and…
-
Advanced evasion techniques leveraged by novel NonEuclid RAT
Tags: rat First seen on scworld.com Jump to article: www.scworld.com/brief/advanced-evasion-techniques-leveraged-by-novel-noneuclid-rat
-
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. “The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques,” Cyfirma said in a technical analysis published last week. “It employs First…
-
Hackers Mimic Social Security Administration To Deliver ConnectWise RAT
A phishing campaign spoofing the United States Social Security Administration emerged in September 2024, delivering emails with embedded links to a ConnectWise Remote Access Trojan (RAT) installer. These emails, disguised as updated benefits statements, employed various techniques, including mismatched links and “View Statement
-
Hackers Exploit Social Security Administration Branding to Deliver ConnectWise RAT
In a concerning escalation of phishing tactics, hackers are spoofing the United States Social Security Administration (SSA) to First seen on securityonline.info Jump to article: securityonline.info/hackers-exploit-social-security-administration-branding-to-deliver-connectwise-rat/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 27
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. 7-Zip Zero-Day Exploit Dropped: A New Playground for Infostealer & Supply Chain Attacks; Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts; The Mac Malware of 2024; Ransomware Vulnerability Matrix; Inside…
-
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps
Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source First…
-
NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
Researchers discovered a malicious package on the npm package registry that resembles a library for Ethereum smart contract vulnerabilities but actually drops an open-source remote access trojan called Quasar RAT onto developer systems. First seen on hackread.com Jump to article: hackread.com/npm-package-disguised-ethereum-tool-quasar-rat/
-
NPM package poses as legit Ethereum smart contract, injects Quasar RAT
Tags: rat First seen on scworld.com Jump to article: www.scworld.com/news/npm-package-poses-as-legit-ethereum-smart-contract-injects-quasar-rat
-
Breach Roundup: MetLife Denies RansomHub Cyberattack Claims
Also: German Prosecutors Charge Three Alleged Russian Saboteurs. This week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack update, npm package deployed Quasar RAT, Germany charges three with espionage for Russia, North Korea’s contagious interview campaign deployed new malware. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-metlife-denies-ransomhub-cyberattack-claims-a-27199
-
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users to isolate these devices from networks. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/webcams-vulnerable-hiatusrat-fbi/
-
New TA397 Attack Chain Distributes Espionage RATs
Security experts at Proofpoint have taken a closer look at a new attack by the APT group TA397 (also known as “Bitter”). The attack they examined targeted an organization in the Turkish defense industry and took place in November 2024. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/neue-angriffskette-von-ta397-verbreitet-spionage-rats
-
Microsoft Teams Vishing Spreads DarkGate RAT
A thwarted attack demonstrates that threat actors are using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/vishing-via-microsoft-teams-spreads-darkgate-rat
-
Remcos RAT Malware Evolves with New Techniques
Cyber-attacks involving Remcos RAT surged in Q3 2024, enabling attackers to control victim machines remotely, steal data and carry out espionage. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-malware-evolves-new/
-
Hackers Target Android Users via WhatsApp to Steal Sensitive Data
Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by an unknown threat actor, aims to compromise sensitive information. Although the target’s precise location and nature have not been disclosed, its high-value nature suggests that advanced persistent threat (APT) groups may be interested in it. …
-
SpyNote RAT Targets High-Value Individuals in Southern Asia
Cybersecurity researchers at CYFIRMA have uncovered a sophisticated cyberattack targeting high-value individuals in Southern Asia. Leveraging the SpyNote Remote Administration Tool (RAT), an unknown threat actor designed a malicious Android... First seen on securityonline.info Jump to article: securityonline.info/spynote-rat-targets-high-value-individuals-in-southern-asia/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 23
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. SmokeLoader Attack Targets Companies in Taiwan; LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux; Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT; DroidBot: Insights from a new Turkish MaaS fraud operation; RedLine, A […]…

