Tag: rat
-
New DroidBot Android Spyware Targeting Banking and Crypto Users
DroidBot, a sophisticated Android RAT, is targeting individuals and financial institutions across Europe. First seen on hackread.com Jump to article: hackread.com/droidbot-android-spyware-hit-banking-crypto-users/
-
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot.”DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring,” Cleafy researchers Simone Mattia, Alessandro First seen…
-
Widespread RAT compromise via bogus emails, JavaScript payloads detailed
First seen on scworld.com Jump to article: www.scworld.com/brief/widespread-rat-compromise-via-bogus-emails-javascript-payloads-detailed
-
‘Horns&Hooves’ Malware Campaign Hits Over 1,000 Victims
Russian Threat Actor Delivers NetSupport RAT, BurnsRAT via Fake Requests. A malware campaign targeting Russian retailers and service businesses aims to deploy remote access tools and install infostealer malware. Kaspersky dubbed the campaign Horns&Hooves, after a fake organization set up by fraudsters in the 1931 Soviet satirical novel The Little Golden Calf. First seen on…
-
ElizaRAT Exploits Google, Telegram, Slack Services For C2 Communications
APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion tactics and robust C2 capabilities to target Indian government agencies, diplomatic personnel, and military installations. The group leverages multiple platforms, including Windows, Linux, and Android, to broaden its attack surface as…
-
Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT.The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded…
-
Check Point entdeckt neue Verbreitungsmethode von RAT Remcos
Check Points Ransomware Index beleuchtet Erkenntnisse von sogenannten Ransomware Shame Sites. Diese werden von Ransomware-Gruppen betrieben, die mit D… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-entdeckt-neue-verbreitungsmethode-von-rat-remcos/a37059/
-
Check Point deckt Android-Malware Rafel RAT auf
Die Entdeckung von Rafel RAT zeigt, wie vielseitig und gefährlich Android-Malware sein kann und unterstreicht die Notwendigkeit ständiger Wachsamkeit … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-deckt-android-malware-rafel-rat-auf/a37641/
-
Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT
ntroduction APT36, also known as Transparent Tribe, is a Pakistan-basedthreat actor notorious for persistently targeting Indian government organizatio… First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/the-evolution-of-transparent-tribes-new-malware/
-
Chinese APT Hackers Using Multiple Tools And Vulnerabilities To Attack Telecom Orgs
Tags: apt, attack, backdoor, china, control, cyber, exploit, government, group, hacker, infrastructure, rat, tool, vulnerabilityEarth Estries, a Chinese APT group, has been actively targeting critical sectors like telecommunications and government entities since 2023. They employ advanced techniques, including exploiting vulnerabilities, lateral movement, and deploying multiple backdoors like GHOSTSPIDER, SNAPPYBEE, and MASOL RAT, which have impacted Southeast Asia significantly. The group makes use of a sophisticated command and control infrastructure…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 20
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Campaign Uses Remcos RAT to Exploit Victims Bengal cat lovers in Australia get psspsspss’d in Google-driven…
-
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails
A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine.The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user’s NTLMv2 hash. It was…
-
‘Top 10’ malware strain, Remcos RAT, now exploiting Microsoft Excel files
First seen on scworld.com Jump to article: www.scworld.com/news/excel-doc-loaded-with-remcos-rat-lets-attackers-gain-backdoor-access
-
Remcos RAT Now Exploiting Microsoft Excel Files
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36584/Remcos-RAT-Now-Exploiting-Microsoft-Excel-Files.html
-
Revamped Remcos RAT Deployed Against Microsoft Windows Users
Tags: exploit, malicious, microsoft, office, rat, remote-code-execution, risk, tool, vulnerability, windowsWindows users are at risk for full device takeover by an emerging malicious version of the Remcos remote admin tool, which is being used in an ongoing campaign exploiting a known remote code execution (RCE) vulnerability in Microsoft Office and WordPad. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/revamped-remcos-rat-microsoft-windows-users
-
New Remcos RAT Variant Targets Windows Users Via Phishing
The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-variant-targets-windows/
-
A new fileless variant of Remcos RAT observed in the wild
Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a new variant of the Remcos RAT. Remcos is a commercial remote administration tool (RAT) that is sold online to allow buyers remote control over computers. Threat actors use Remcos…
-
Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware
Tags: computer, control, cybercrime, cybersecurity, exploit, fortinet, malware, phishing, rat, threatCybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT.Remcos RAT “provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer,” Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week.”However, threat actors have…
-
Hackers Use Excel Files to Deliver Remcos RAT Variant on Windows
This article explains the inner workings of the Remcos RAT, a dangerous malware that uses advanced techniques to… First seen on hackread.com Jump to article: hackread.com/hackers-use-excel-files-remcos-rat-variant-windows/
-
Pakistani Hackers Targeted High-Profile Indian Entities using Custom RAT
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/pakistan-hackers-high-profile/
-
New PySilon RAT Abusing Discord Platform to Maintain Persistence
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits the popular social platform Discord to main… First seen on gbhackers.com Jump to article: gbhackers.com/new-pysilon-rat/
-
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish enti… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/russian-romcom-attacks-target-ukrainian.html
-
Ducktail Quasar RAT: Vietnamese Threat Actors Target Meta Ads Professionals
In a sophisticated attack campaign recently uncovered by Cyble Research and Intelligence Lab (CRIL), digital marketing professionals, particularly tho… First seen on securityonline.info Jump to article: securityonline.info/ducktail-quasar-rat-vietnamese-threat-actors-target-meta-ads-professionals/
-
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/new-malware-campaign-uses-purecrypter.html
-
Operation PhantomBlu Phishing Attack Uses MS Documents to Deliver NetSupport RAT
A sophisticated phishing campaign against U.S. organizations has been deploying a remote access trojan known as NetSupport RAT. Dubbed >>Operation Pha… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/operation-phantomblu-netsupport-rat/
-
Novel RomCom RAT variant launched against Ukraine, Poland
First seen on scworld.com Jump to article: www.scworld.com/brief/novel-romcom-rat-variant-launched-against-ukraine-poland
-
DarkVision RAT deployed via PureCrypter loader
Tags: ratFirst seen on scworld.com Jump to article: www.scworld.com/brief/darkvision-rat-deployed-via-purecrypter-loader