Browsing tag

RAT

New Fileless Malware Uses Windows Registry as Storage to Evade Detection

A new JavaScript-based remote access Trojan (RAT) propagated via a social engineering campaign has been observed employing sneaky “fileless” techniques as part of its detection-evasion methods to elude discovery and analysis. Dubbed DarkWatchman by researchers from Prevailion’s Adversarial Counterintelligence Team (PACT), the malware uses a resilient domain generation algorithm (DGA) to identify its command-and-control (C2) […]

Remote access tools abused to spread malware and steal cryptocurrency

The new campaign also involves replacing cryptocurrency addresses shared via clipboard and setting up fake cryptocurrency websites. Trend Micro researchers have shared details of a new campaign distributing SpyAgent malware by abusing legitimate RATs (remote access tools), including TeamViewer. Safib Assistant also abused in the scam. According to a report from Trend Micro, the campaign […]

Watch out as fake ransomware attack infects PCs with StrRAT

StrRAT malware can steal credentials from a targeted system and change file name extensions to .crimson, but it does not encrypt any data as a ransomware attack would. In recent malware-related news, Microsoft took to Twitter to warn users against a Java-based StrRAT that essentially portrays it to be fake ransomware […]

Microsoft shares details of malware attack on aerospace, travel sector

The malware is capable of stealing credentials and webcam data, taking screenshots, and collecting other sensitive information from a targeted device. Microsoft has recently uncovered a spear-phishing campaign targeting aerospace and travel organizations and warns about multiple remote access trojans (RATs) deployed using a new and stealthy malware loader. Attackers are using phishing emails to spoof […]

ToxicEye RAT hits Telegram app to spy, steal user data

ToxicEye is a new remote access Trojan (RAT) malware that has been used for more than 130 attacks over the past three months. Check Point Research has found that this new multi-functional remote access trojan (RAT) is spread via phishing emails containing a malicious .exe file. The […]

Mass Malware Attack – Ransomware, Screenlockers, RATs, Attack & Gain Backdoor Access in Organization Networks

Researchers discovered a mass malware distribution campaign that uses well-known political figures in the U.S., including President Donald Trump and former presidential candidate Hillary Clinton, to deliver a series of ransomware, screen lockers, RATs and other malicious applications. A variety of malicious applications were uncovered in this campaign, and it was developed to infect the victims with […]

Malware-as-a-service – Adwind Malware Attack Utilities Industry Via Weaponized PDF File

Researchers discovered a new wave of a phishing campaign that bypasses the Microsoft APT protection and delivers the Adwind malware via a weaponized PDF file to attack the utilities industry network. Adwind, a.k.a. Unrecom, Sockrat, JSocket, and jRat, is a cross-platform RAT that is distributed via malware-as-a-service in underground markets, where users can purchase and utilize it to target […]

Newly Discovered Hacking Tools Remotely control the Hacked Computers via a GUI & Command-Line Interface

Researchers discovered two new malicious hacking tools (BalkanRAT, BalkanDoor) from the ongoing Balkans campaign that act as a remote access trojan and a backdoor. Malware authors developed these tools with two different features: BalkanRAT, a remote access trojan that controls the compromised computer remotely via a graphical interface, and BalkanDoor, which performs the same operation using […]

Beware !! Orcus RAT Delivered Through Advertisement video Files and Images

A new, highly sophisticated campaign delivers the Orcus RAT embedded in video files and images. The campaign mainly focuses on information stealing and .NET evasion. The Orcus RAT is capable of stealing browser cookies and passwords, launching server stress tests (DDoS attacks), disabling the webcam activity light, recording microphone input, spoofing file extensions, log […]

Author of Luminosity RAT Gets 2.5 Years in Federal Prison

Colton Ray Grubbs, 21, from Stanford, Kentucky, has been sentenced to 30 months (2.5 years) in prison for developing and operating the infamous Luminosity RAT or Luminosity Link RAT (Remote Access Trojan) that targeted unsuspecting users worldwide. Luminosity RAT allowed hackers to infect targeted devices by automatically disabling the anti-malware or anti-virus program installed on the system to spy […]

Beware !! Hackers Deliver FlawedAmmyy RAT via Weaponized Microsoft Word and PDF Documents

Cybercriminals are spreading the powerful FlawedAmmyy RAT via weaponized Microsoft Word and PDF attachments to spy on victims' devices and steal sensitive information remotely. Hackers always look out for legitimate programs or applications to evade detection and to execute code with minimal user interaction. Matt Nelson from SpecterOps recently published research on how attackers could abuse “.SettingContent-ms” file […]

Malicious Chrome and Edge Browser Extension Deliver Powerful Backdoor & RAT to Spy Victims PC

A malicious Chrome and Edge browser extension delivers a powerful backdoor to steal information from the browsers and monitor the victim’s activities. A downloader delivers the malware payload, which contains the Revisit remote administration tool along with a backdoor extension to hijack the infected system. The two payloads are apparently distributed by a group of malware authors called […]

QuasarRAT – Remote Administration Tool for Windows

Quasar is a fast and light-weight remote administration tool coded in C#. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote administration solution for you. Features: TCP network stream (IPv4 & IPv6 support); Fast network serialization (NetSerializer); Compressed (QuickLZ) & Encrypted (AES-128) communication; Multi-Threaded; UPnP Support; No-Ip.com Support […]

Experts spotted a malware campaign using HoeflerText Popups to push RAT Malware

Experts spotted a new EITest campaign leveraging HoeflerText Popups to target Google Chrome users and push NetSupport Manager RAT or Locky ransomware. Security expert Brad Duncan, with both the SANS Internet Storm Center and Palo Alto Networks’ Unit 42, has spotted a malware campaign leveraging bogus popups that alert users to a missing web-font. The crooks are targeting Google […]

Free Cobian RAT Offered on Underground Hacking Forums Comes With a Backdoor

A remote access trojan (RAT) offered as a free download on underground hacking forums comes with a secret backdoor that grants the original author access to all the victim data. This new malware strain — advertised as Cobian RAT — has been offered for free to other crooks since February 2017, according to Deepen Desai, […]

Record Audio and Video Silently with Obfuscated Android Backdoor – GhostCtrl

The new Android malware variant GhostCtrl steals data, controls device functionalities and even hijacks the devices. It is certainly a variant of the commercially sold OmniRAT that made headlines in November 2015. The malware uses legitimate and popular apps like MMS, WhatsApp and Pokemon GO. Trend Micro detected it as ANDROIDOS_GHOSTCTRL.OPS / ANDROIDOS_GHOSTCTRL.OPSA, and then they named the backdoor […]