Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans

The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Cisco Talos is tracking the activity under the name Operation Blacksmith, noting the use of […]

MULTI#STORM Campaign Targets India and U.S. with Remote Access Trojans

A new phishing campaign codenamed MULTI#STORM has set its sights on India and the U.S. by leveraging JavaScript files to deliver remote access trojans on compromised systems. “The attack chain ends with the victim machine infected with multiple unique RAT (remote access trojan) malware instances, such as Warzone RAT and Quasar RAT,” Securonix researchers Den […]

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. “Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT,” the JPCERT Coordination Center (JPCERT/CC) said in a report published today. The compromise of […]

New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a threat actor to take control of affected systems. The issue, tracked as CVE-2023-25610, is rated 9.3 out of 10 for severity and was internally discovered and reported by its security teams. “A buffer underwrite […]

Remote access tools abused to spread malware and steal cryptocurrency

The new campaign also involves replacing cryptocurrency addresses shared via clipboard and setting up fake cryptocurrency websites. Trend Micro researchers have shared details of a new campaign distributing SpyAgent malware by abusing legitimate RATs (remote access tools), including TeamViewer. Safib Assistant was also abused in the scam. According to a report from Trend Micro, the campaign […]

Android malware Vultur uses VNC remote access to steal passwords

Cybersecurity specialists report the detection of a new Android-based remote access Trojan (RAT) that is capable of recording the screen of the affected user in order to steal sensitive information such as online banking credentials and other access keys to perform fraudulent activities. This malware was identified as Vultur and was distributed through the official […]

Hackers use Telegram bots to distribute dangerous Remote Access Trojan

Cybersecurity specialists report that a hacking group is abusing functions of the Telegram messaging app to embed malicious code within a Remote Access Trojan (RAT) identified as ToxicEye. According to the report, ToxicEye-infected devices can be controlled via Telegram accounts operated by hackers. Experts mention that this Trojan may take control of file systems, install […]

New Malware Attack Drops Double Remote Access Trojan in Windows to Steal Chrome, Firefox Browsers Data

Researchers discovered a new malware campaign that drops two different Remote Access Trojans (RATs) on targeted Windows systems and steals sensitive information from popular browsers such as Chrome and Firefox. The samples uncovered by Fortinet researchers drop the RevengeRAT and WSHRAT malware and have various obfuscation functionalities that use various stages to maintain […]

Multiple Facebook Pages Caught Spreading Remote Access Trojans Since 2014

Researchers from cybersecurity firm Check Point have uncovered a Facebook campaign that has been spreading malware since 2014. The campaign operated under posts that discussed the political situation in Libya. Notorious Remote Access Trojans (RATs) like SpyNote, Houdini and Remcos were spread through Facebook pages, and it is believed that the residents of […]

Loki – Remote Access Tool / Botnet

Loki is a Remote Access Tool/Botnet & uses RSA-2048 with AES-256 to keep your communication secure. Requirements: Python 3.6.x | 3.7.x. Server tested on: Windows 10, Kali Linux. Bot tested on: Windows 10, Kali Linux. Features: Upload & Download, Chrome Launching, Persistence, Screenshot, Keylogger, Ddos, SFTP, SSH. Installation: pip install -r requirements.txt. Vayne-RaT – An […]

Critical remote access vulnerability in Windows 10-prior versions

A couple of weeks ago Microsoft released a security patch to fix a remote-code execution vulnerability in its Remote Desktop Protocol (RDP) services; now, IT security audit specialists report that there are still about a million Windows systems vulnerable to exploitation of this flaw. If exploited, the vulnerability could generate serious global consequences; the IT security […]

MuddyWater APT’s BlackWater Malware Campaign Install Backdoor on Victims PC to Gain Remote Access & Evade Detection

Researchers discovered a “Blackwater” malware campaign, suspected to be associated with the well-known MuddyWater APT, that bypasses security controls and installs a backdoor on victims’ PCs using MuddyWater’s tactics, techniques, and procedures (TTPs). MuddyWater has been involved in various cyber attacks in the recent past and has been spotted targeting organizations in Pakistan, Turkey, and Tajikistan using […]

Vulnerability found in preinstalled tool on Dell computers allows remote access

Cyber forensics course specialists report the presence of a new vulnerability in the SupportAssist tool from computer equipment manufacturer Dell; the reported flaw could allow threat actors to execute code with administrator privileges on exposed computers running non-updated versions of this tool and take control of the victims’ systems. Although the company released a […]

Hackers Launching Malware via Weaponized Excel File to Gain the Remote Access to the Target Computers

Cyber criminals are launching a new malware campaign that makes use of the legitimate script engine AutoHotkey with a malicious script to evade detection and gain remote access to the targeted system. AutoHotkey is an open source Microsoft Windows tool that allows you to create macros, scripts, and automate frequently performed tasks on your computer. Attackers […]

Vulnerabilities allow remote access in Safari for iPhone X

A combination of two exploits allows attackers to install malicious code on iPhone X devices. A network security researcher from China has recently revealed technical details about some critical vulnerabilities in iOS and Safari, the Apple browser, which, if exploited, could allow an attacker to remotely compromise an iPhone X with operating system iOS 12.1.2 […]