Tag: rat
-
18,459 Devices Compromised Worldwide Via XWorm RAT Builder
by
in SecurityNews
Tags: ratFirst seen on scworld.com Jump to article: www.scworld.com/brief/18459-devices-compromised-worldwide-via-xworm-rat-builder
-
XWorm RAT builder leveraged for widespread device compromise
by
in SecurityNews
Tags: ratFirst seen on scworld.com Jump to article: www.scworld.com/brief/xworm-rat-builder-leveraged-for-widespread-device-compromise
-
Weaponised XWorm RAT Builder Attacking Script Kiddies To Hack 18,000 Devices
by
in SecurityNewsA recent cybersecurity attack involving a Trojanized version of the XWorm Remote Access Trojan (RAT) builder has compromised over 18,000 devices worldwide. This sophisticated malware, primarily distributed via GitHub repositories, Telegram channels, and other platforms, has targeted cybersecurity novices, also known as >>script kiddies,
-
Rat der Verbraucherzentrale zur ePA: Entweder aktive Pflege oder grundsätzlicher Widerspruch
by
in SecurityNews
Tags: ratFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/rat-verbraucherzentrale-epa-aktivitaet-pflege-grundsatz-widerspruch
-
New NonEuclid RAT Evades Antivirus and Encrypts Critical Files
A NonEuclid sophisticated C# Remote Access Trojan (RAT) designed for the.NET Framework 4.8 has been shown to pose a significant and ever-evolving cyber threat. The malware leverages a multifaceted approach to evade detection and maintain persistence, employing advanced techniques such as antivirus bypass, anti-detection mechanisms, anti-virtual machine checks, rootkit-like capabilities to conceal its presence, and…
-
Advanced evasion techniques leveraged by novel NonEuclid RAT
by
in SecurityNews
Tags: ratFirst seen on scworld.com Jump to article: www.scworld.com/brief/advanced-evasion-techniques-leveraged-by-novel-noneuclid-rat
-
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
by
in SecurityNewsCybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems.”The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques,” Cyfirma said in a technical analysis published last week.”It employs First…
-
Hackers Mimic Social Security Administration To Deliver ConnectWise RAT
by
in SecurityNewsA phishing campaign spoofing the United States Social Security Administration emerged in September 2024, delivering emails with embedded links to a ConnectWise Remote Access Trojan (RAT) installer. These emails, disguised as updated benefits statements, employed various techniques, including mismatched links and >>View Statement
-
Hackers Exploit Social Security Administration Branding to Deliver ConnectWise RAT
In a concerning escalation of phishing tactics, hackers are spoofing the United States Social Security Administration (SSA) to First seen on securityonline.info Jump to article: securityonline.info/hackers-exploit-social-security-administration-branding-to-deliver-connectwise-rat/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 27
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. 7-Zip Zero-Day Exploit Dropped: A New Playground for Infostealer & Supply Chain Attacks Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts The Mac Malware of 2024 Ransomware Vulnerability Matrix Inside…
-
PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps
by
in SecurityNewsCybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution.The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to as Gh0st RAT, which had its source First…
-
NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
by
in SecurityNewsResearchers discovered a malicious package on the npm package registry that resembles a library for Ethereum smart contract vulnerabilities but actually drops an open-source remote access trojan called Quasar RAT onto developer systems. First seen on hackread.com Jump to article: hackread.com/npm-package-disguised-ethereum-tool-quasar-rat/
-
NPM package poses as legit Ethereum smart contract, injects Quasar RAT
by
in SecurityNews
Tags: ratFirst seen on scworld.com Jump to article: www.scworld.com/news/npm-package-poses-as-legit-ethereum-smart-contract-injects-quasar-rat
-
Breach Roundup: MetLife Denies RansomHub Cyberattack Claims
by
in SecurityNewsAlso: German Prosecutors Charge Three Alleged Russian Saboteurs. This week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack update, npm package deployed Quasar RAT, Germany charges three with espionage for Russia, North Korea’s contagious interview campaign deployed new malware. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-metlife-denies-ransomhub-cyberattack-claims-a-27199
-
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
by
in SecurityNewsThe FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users isolate these devices from networks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/webcams-vulnerable-hiatusrat-fbi/
-
Neue Angriffskette von TA397 verbreitet Spionage-RATs
by
in SecurityNewsDie Security-Experten von Proofpoint haben einen neuen Angriff der APT-Gruppe TA397 (auch unter dem Namen ‘Bitter” bekannt) näher analysiert. Die untersuchte Attacke richtete sich gegen eine Organisation aus der türkischen Rüstungsbranche und fand im November 2024 statt. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/neue-angriffskette-von-ta397-verbreitet-spionage-rats
-
Microsoft Teams Vishing Spreads DarkGate RAT
A thwarted attack demonstrates that threat actors using yet another delivery method for the malware, which already has been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/vishing-via-microsoft-teams-spreads-darkgate-rat
-
Remcos RAT Malware Evolves with New Techniques
Cyber-attacks involving Remcos RAT surged in Q3 2024, enabling attackers to control victim machines remotely, steal data and carry out espionage First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-malware-evolves-new/
-
Hackers Target Android Users via WhatsApp to Steal Sensitive Data
Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by an unknown threat actor, aims to compromise sensitive information. Although the target’s precise location and nature have not been disclosed, its high-value nature suggests that advanced persistent threat (APT) groups may be interested in it. …
-
SpyNote RAT Targets High-Value Individuals in Southern Asia
by
in SecurityNewsCybersecurity researchers at CYFIRMA have uncovered a sophisticated cyberattack targeting high-value individuals in Southern Asia. Leveraging the SpyNote Remote Administration Tool (RAT), an unknown threat actor designed a malicious Android... First seen on securityonline.info Jump to article: securityonline.info/spynote-rat-targets-high-value-individuals-in-southern-asia/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 23
by
in SecurityNewsSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. SmokeLoader Attack Targets Companies in Taiwan LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT DroidBot: Insights from a new Turkish MaaS fraud operation RedLine, A […]…
-
New DroidBot Android Spyware Targeting Banking and Crypto Users
DroidBot, a sophisticated Android RAT, is targeting individuals and financial institutions across Europe. First seen on hackread.com Jump to article: hackread.com/droidbot-android-spyware-hit-banking-crypto-users/
-
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
by
in SecurityNewsAs many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot.”DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring,” Cleafy researchers Simone Mattia, Alessandro First seen…
-
Widespread RAT compromise via bogus emails, JavaScript payloads detailed
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/widespread-rat-compromise-via-bogus-emails-javascript-payloads-detailed
-
‘Horns&Hooves’ Malware Campaign Hits Over 1,000 Victims
Russian Threat Actor Delivers NetSupport RAT, BurnsRAT via Fake Requests. A malware campaign targeting Russian retailers and service businesses aims to deploy remote access tools and install infostealer malware. Kaspersky dubbed the campaign Horns&Hooves, after a fake organization set up by fraudsters in the 1931 Soviet satirical novel The Little Golden Calf. First seen on…
-
ElizaRAT Exploits Google, Telegram, Slack Services For C2 Communications
by
in SecurityNewsAPT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated Windows RAT that, initially detected in 2023, employs advanced evasion tactics and robust C2 capabilities to target Indian government agencies, diplomatic personnel, and military installations. The group leverages multiple platforms, including Windows, Linux, and Android, to broaden its attack surface as…