Tag: rat
-
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT payload. “DarkVision RAT communicates with its command-and-control (C2) server using a custom network First…
-
North Korean Hackers Use New Backdoor And RAT For Attacks
As per recent reports, North Korean hackers have been observed using a new backdoor and remote access trojan as part of their attack campaign. VeilShell, the new tool, is primarily being used to target Southeast Asian countries. In this article, we’ll dive into the details and uncover how such attacks are carried out. Let’s begin! ……
-
GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. “In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and…
-
GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. “In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and…
-
Technical Analysis of DarkVision RAT
Tags: access, antivirus, api, attack, cloud, communications, computer, control, cybercrime, data, detection, encryption, endpoint, infection, injection, malicious, malware, network, open-source, password, powershell, rat, remote-code-execution, startup, tactics, theft, threat, tool, windows
Introduction: DarkVision RAT is a highly customizable remote access trojan (RAT) that first surfaced in 2020, offered on Hack Forums and their website for as little as $60. Written in C/C++ and assembly, DarkVision RAT has gained popularity due to its affordability and extensive feature set, making it accessible even to low-skilled cybercriminals. The RAT’s capabilities…
-
EU Council Sets Cyber Resilience Act in Motion
In future, connected products placed on the market in the EU must be secured against attacks and signal this with the CE mark. First seen on heise.de Jump to article: www.heise.de/news/EU-Rat-bringt-Cyber-Resilience-Act-auf-den-Weg-9977103.html
-
Hackers Hide Remcos RAT in GitHub Repository Comments
The tack highlights bad actors’ interest in trusted development and collaboration platforms, and their users. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/hackers-hide-remcos-rat-github-comments
-
Novel VeilShell RAT leveraged in APT37-linked attack campaign
First seen on scworld.com Jump to article: www.scworld.com/brief/novel-veilshell-rat-leveraged-in-apt37-linked-attack-campaign
-
DCRat Attacking Users Via HTML Smuggling To Steal Login Credentials
In a new campaign that is aimed at users who speak Russian, the modular remote access tool (RAT) known as DCRat has been utilized. Delivered through HTML smuggling, a technique not previously seen with DCRat, the malware leverages its typical RAT capabilities to execute shell commands, log keystrokes, exfiltrate files, and steal credentials, which marks…
-
Extensive data compromise sought by new RomCom RAT variant
First seen on scworld.com Jump to article: www.scworld.com/brief/extensive-data-compromise-sought-by-new-romcom-rat-variant
-
Infostealers, RATs targeted at North American transport, logistics firms
Tags: rat
First seen on scworld.com Jump to article: www.scworld.com/brief/infostealers-rats-targeted-at-north-american-transport-logistics-firms
-
Sophisticated RAT Hides Behind P. Diddy Scandal Lures
The advanced Python-based PysSilon malware can steal data, record keystrokes, and execute remote commands. The attackers behind it are promising to leak details of deleted X posts related to accused rapper and music producer Sean Combs. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/sophisticated-rat-p-diddy-scandal-lures
-
Packed With Features, ‘SambaSpy’ RAT Delivers Hefty Punch
Thought to be Brazilian in origin, the remote access Trojan is the perfect tool for a 21st-century James Bond. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/sambaspy-rat-packs-hefty-punch
-
Check Point Discovers New Distribution Method for Remcos RAT
Check Point’s Ransomware Index highlights findings from so-called ransomware shame sites. These are operated by ransomware groups that… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-entdeckt-neue-verbreitungsmethode-von-rat-remcos/a37059/
-
Check Point Uncovers Android Malware Rafel RAT
The discovery of Rafel RAT shows how versatile and dangerous Android malware can be and underscores the need for constant vigilance … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-deckt-android-malware-rafel-rat-auf/a37641/
-
Operation PhantomBlu Phishing Attack Uses MS Documents to Deliver NetSupport RAT
A sophisticated phishing campaign against U.S. organizations has been deploying a remote access trojan known as NetSupport RAT. Dubbed “Operation Pha… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/operation-phantomblu-netsupport-rat/
-
Beware Of Weaponized Excel Document That Delivers Fileless Remcos RAT
A recent advanced malware campaign leverages a phishing attack to deliver a seemingly benign Excel file that exploits CVE-2017-0199. By exploiting this vulnerability in Microsoft Office, attackers are able to embed malicious code within the file using OLE objects. It utilizes encryption and obfuscation techniques to conceal the malicious payload. Upon opening the file, the…
-
Novel Quasar RAT variant deployed by Blind Eagle
Tags: rat
Source: www.scmagazine.com/brief/novel-quasar-rat-variant-deployed-by-blind-eagle
-
Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT
The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access trojan (RAT) known as Quasar RAT since June 2024. “Attacks have originated with phishing emails impersonating the Colombian tax authority,” Zscaler ThreatLabz researcher Gaetano Pellegrino said…
-
BlindEagle APT Targets Colombian Insurance with BlotchyQuasar RAT
Cybersecurity researchers at Zscaler ThreatLabz have uncovered a new wave of attacks by the BlindEagle APT group, this time zeroing in on the Colombian insurance sector. Utilizing phishing emails masquerading... Source: securityonline.info/blindeagle-apt-targets-colombian-insurance-with-blotchyquasar-rat/
-
FreeBSD Gets €686,400 to Boost Security Features
The funds from Germany’s Sovereign Tech Fund will be used to integrate security features such as zero trust capabilities and tools for software bill of materials. Source: www.darkreading.com/application-security/freebsd-gets-stf-funding-boost-security-features
-
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts alm… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/macos-version-of-hz-rat-backdoor.html
-
Constantly Evolving MoonPeak RAT Linked to North Korean Spying
First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/constantly-evolving-moonpeak-rat-linked-to-north-korean-spying
-
New MoonPeak RAT Linked to North Korean Actors
Source: duo.com/decipher/new-moonpeak-rat-linked-to-north-korean-actors
-
HZ RAT Malware Targeting macOS Users
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/hz-rat-malware-targeting-macos-users
-
New HZ RAT malware for macOS sets sights on Chinese messaging apps
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/new-hz-rat-malware-for-macos-sets-sights-on-chinese-messaging-apps
-
Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America
Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities and individuals in Colombia, … First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/blind-eagle-hackers-exploit-spear.html
-
Detecting evolving threats: NetSupport RAT campaign
First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/detecting-evolving-threats-netsupport-rat/
-
New UULoader Malware Distributes Gh0st RAT and Mimikatz in East Asia
A new type of malware called UULoader is being used by threat actors to deliver next-stage payloads like Gh0st RAT and Mimikatz. The Cyberint Research … First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/new-uuloader-malware-distributes-gh0st.html
-
New MoonPeak RAT Linked to North Korean Threat Group UAT-5394
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/moonpeak-rat-north-korea/