Tag: rat
-
Hackers Selling SnowDog RAT Malware With Remote Control Capabilities Online
in SecurityNews
A sophisticated remote access trojan (RAT) dubbed SnowDog has surfaced on underground cybercrime forums, prompting alarms among cybersecurity experts. Advertised as a tool for “corporate espionage and advanced intrusions,” the malware is being sold by an unidentified threat actor with claims of stealth, evasion, and remote control capabilities. The SnowDog RAT: Features and Risks The seller claims…
-
Ongoing Gamaredon phishing campaign targets Ukraine with Remcos RAT
in SecurityNews
First seen on scworld.com. Jump to article: www.scworld.com/brief/ongoing-gamaredon-phishing-campaign-targets-ukraine-with-remcos-rat
-
Triton RAT Uses Telegram for Remote System Access and Control
in SecurityNews
Cado Security Labs has uncovered a new Python-based Remote Access Tool (RAT) named Triton RAT, which leverages Telegram for remote system access and data exfiltration. This open-source malware, available on GitHub, is designed to execute a wide range of malicious activities, including credential theft, system control, and persistence establishment. Technical Overview Triton RAT initiates its…
-
Konni RAT Exploits Windows Explorer Limitations to Launch a Multi-Stage Attack and Steal Data
in SecurityNews
Konni RAT, a highly advanced Remote Access Trojan (RAT), has emerged as a significant cybersecurity threat, leveraging Windows Explorer limitations to execute multi-stage attacks. This malware employs a combination of batch files, PowerShell scripts, and VBScript to infiltrate systems, exfiltrate sensitive data, and maintain persistence. Its ability to evade detection through obfuscation and stealth makes…
-
Russia-linked Gamaredon targets Ukraine with Remcos RAT
in SecurityNews
Tags: apt, attack, cyberespionage, group, phishing, powershell, rat, russia, spear-phishing, ukraine
Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related…
-
Russia-Linked Gamaredon Uses Troop-Related Lures to Deploy Remcos RAT in Ukraine
in SecurityNews
Entities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT. “The file names use Russian words related to the movement of troops in Ukraine as a lure,” Cisco Talos researcher Guilherme Venere said in a report published last week. “The PowerShell downloader contacts geo-fenced…
-
New Python-Based Discord RAT Targets Users to Steal Login Credentials
in SecurityNews
A recently identified Remote Access Trojan (RAT) has raised alarms within the cybersecurity community due to its innovative use of Discord’s API as a Command and Control (C2) server. This Python-based malware exploits Discord’s extensive user base to execute commands, steal sensitive information, and manipulate both local machines and Discord servers. Bot Initialization and Functionality…
-
Ukrainian defense sector hit with Dark Crystal RAT
in SecurityNews
First seen on scworld.com. Jump to article: www.scworld.com/brief/ukrainian-defense-sector-hit-with-dark-crystal-rat
-
Attackers Use Fake CAPTCHAs to Deploy Lumma Stealer RAT
in SecurityNews
Attackers are exploiting user familiarity with CAPTCHAs to distribute the Lumma Stealer RAT via malicious PowerShell commands, according to HP.
First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/attackers-fake-captchas-lumma/
-
CERT-UA Warns of Escalating Cyberattacks Targeting Ukraine’s Defense Sector with DarkCrystal RAT
in SecurityNews
The Government Computer Emergency Response Team (CERT-UA) issued an important warning about a series of targeted cyberattacks aimed at employees within Ukraine’s defense-industrial complex and members of the Armed Forces. These attacks have been tracked under the iden…
First seen on thecyberexpress.com. Jump to article: thecyberexpress.com/cert-ua-warns-of-darkcrystal-rat/
-
Ukraine Defense Sector Under Attack Via Dark Crystal RAT
The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan.
First seen on darkreading.com. Jump to article: www.darkreading.com/cyberattacks-data-breaches/ukraine-defense-sector-attack-dark-crystal-rat
-
Cryptohack Roundup: $6.1M Wemix Theft
in SecurityNews
Also: OKX Temporarily Suspends Services to Prevent Funds Laundering. This week, $6.1M Wemix theft, OKX suspended services, Vermont dropped Coinbase case, new RAT-targeted crypto wallet extensions, TJ Stone got prison time, Nebraska’s new crypto ATM rule, Trezor disclosed a potential bug and British prosecutors charged a former police officer for 50 Bitcoin theft. First seen…
-
CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT
CERT-UA warns of a cyber campaign using Dark Crystal RAT to target Ukraine’s defense sector, including defense industry employees and Defense Forces members. The Computer Emergency Response Team of Ukraine (CERT-UA) uncovered a new cyber espionage campaign targeting employees of defense-industrial complex enterprises and representatives of the Defense Forces of Ukraine with Dark Crystal RAT.…
-
CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages
The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a new campaign that targets the defense sectors with Dark Crystal RAT (aka DCRat). The campaign, detected earlier this month, has been found to target both employees of enterprises of the defense-industrial complex and individual representatives of the Defense Forces of Ukraine. The activity involves First…
-
Microsoft identifies new RAT targeting cryptocurrency wallets and more
A previously unreported remote access trojan that Microsoft researchers dubbed StilachiRAT is designed to steal a wide range of data, including information about cryptocurrency wallet extensions for Google’s Chrome browser.
First seen on therecord.media. Jump to article: therecord.media/stilachirat-new-remote-access-trojan-crypto-wallets
-
Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
in SecurityNews
Microsoft is calling attention to a novel remote access trojan (RAT) named StilachiRAT that it said employs advanced techniques to sidestep detection and persist within target environments with an ultimate aim to steal sensitive data. The malware contains capabilities to “steal information from the target system, such as credentials stored in the browser, digital wallet information,…
-
New RAT malware used for crypto theft, reconnaissance
Microsoft has discovered a new remote access trojan (RAT) that employs “sophisticated techniques” to avoid detection, ensure persistence, and extract sensitive data.
First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/microsoft-new-rat-malware-used-for-crypto-theft-reconnaissance/
-
DDoS Attack on the Website of a Département Council in France
in SecurityNews
Massive cyberattack, ‘probably of Russian origin’: 3 questions to understand what happened in Côte-d’Or.
First seen on france3-regions.francetvinfo.fr. Jump to article: france3-regions.francetvinfo.fr/bourgogne-franche-comte/cote-d-or/le-site-du-departement-de-cote-d-or-victime-d-une-cyberattaque-probablement-d-origine-russe-3121408.html
-
Hackers Use Trump’s Coin, Binance’s Name in Crypto Phishing Scam
Threat actors are running an email phishing scam to entice victims to install Binance software in hopes of collecting TRUMP coins. However, if they try, they instead get the ConnectWise RAT installed on their systems, which could let the malware steal sensitive information from the compromised machines.
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2025/03/hackers-use-trumps-coin-binances-name-in-crypto-phishing-scam/
-
The Rise of XWorm RAT: What Cybersecurity Teams Need to Know Now
in SecurityNews
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2025/03/the-rise-of-xworm-rat-what-cybersecurity-teams-need-to-know-now/
-
DCRat Malware Spreading via YouTube to Steal Login Credentials
in SecurityNews
Cybersecurity researchers have identified a renewed wave of attacks involving the Dark Crystal RAT (DCRat), a dangerous remote access Trojan that has resurfaced through a Malware-as-a-Service (MaaS) model. Attackers are actively targeting gamers by distributing malicious software disguised as gaming cheats and cracks, primarily through YouTube. Malware Distribution Exploits YouTube Platform The attackers behind DCRat…
-
Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based Attacks
in SecurityNews
The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024. “The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates,” Check Point said in a new analysis. “More than 1,600 victims were affected during one…
-
Binance Spoofers Compromise PCs in ‘TRUMP’ Crypto Scam
An email campaign luring users with offers of free President Trump meme coins can lead to computer takeover via the ConnectWise RAT, in less than 2 minutes.
First seen on darkreading.com. Jump to article: www.darkreading.com/cyberattacks-data-breaches/binance-spoofers-compromise-pcs-trump-crypto-scam
-
Dark Caracal targets Latin America with Poco RAT malware
in SecurityNews
First seen on scworld.com. Jump to article: www.scworld.com/brief/dark-caracal-targets-latin-america-with-poco-rat-malware
-
Breach Roundup: US Sanctions Iran-Based Nemesis Admin
in SecurityNews
Also, BianLian Ransomware Hackers Aren’t Really Mailing You. This week, the U.S. sanctioned the Nemesis admin, Poco RAT spotted in Latin America, Apple challenged a British order to weaken encryption and the FBI warned against scam letters purportedly from BianLian. Also, a Nigerian tax scammer extradited to the U.S., a new botnet and a Webex…
-
LinkedIn InMail Spoofing Malware Campaign Unleashes ConnectWise RAT
LinkedIn InMail spoofing delivers the ConnectWise RAT via outdated branding and weak email security, posing a significant risk to organizations.
First seen on esecurityplanet.com. Jump to article: www.esecurityplanet.com/cybersecurity/linkedin-inmail-spoofing-connectwise-rat-threat/
-
Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America
in SecurityNews
The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024. The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a “full suite of espionage features.” “It could upload…