Browsing tag
A 24-year-old Australian national has been charged for his purported role in the creation and sale of spyware for use by domestic violence perpetrators and child sex offenders. Jacob Wayne John Keen, who currently resides at Frankston, Melbourne, is said to have created the remote access trojan (RAT) when he was 15, while also administering […]
An unknown advanced persistent threat (APT) group has been linked to a series of spear-phishing attacks targeting Russian government entities since the onset of the Russo-Ukrainian war in late February 2022. “The campaigns […] are designed to implant a Remote Access Trojan (RAT) that can be used to surveil the computers it infects, and run […]
A previously undocumented remote access trojan (RAT) written in the Go programming language has been spotted disproportionately targeting entities in Italy, Spain, and the U.K. Called Nerbian RAT by enterprise security firm Proofpoint, the novel malware leverages COVID-19-themed lures to propagate as part of a low volume email-borne phishing campaign that started on April 26, […]
A cyberespionage group with ties to North Korea has resurfaced with a stealthier variant of its remote access trojan called Konni to attack political institutions located in Russia and South Korea. “The authors are constantly making code improvements,” Malwarebytes researcher Roberto Santos said. “Their efforts are aimed at breaking the typical flow recorded by sandboxes […]
A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans (RATs) that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the cyber campaign to a “lone wolf” threat actor operating a Lahore-based fake […]
Details have emerged about a new cyber espionage campaign directed against the aerospace and telecommunications industries, primarily in the Middle East, with the goal of stealing sensitive information about critical assets, organizations’ infrastructure, and technology while remaining in the dark and successfully evading security solutions. Boston-based cybersecurity company Cybereason dubbed the attacks “Operation Ghostshell,” pointing […]
A spam campaign delivering spear-phishing emails aimed at South American organizations has retooled its techniques to include a wide range of commodity remote access trojans (RATs) and geolocation filtering to avoid detection, according to new research. Cybersecurity firm Trend Micro attributed the attacks to an advanced persistent threat (APT) tracked as APT-C-36 (aka Blind Eagle), […]
A previously undocumented Android-based remote access trojan (RAT) has been found to use screen recording features to steal sensitive information on the device, including banking credentials, and open the door for on-device fraud. Dubbed “Vultur” due to its use of Virtual Network Computing (VNC)’s remote screen-sharing technology to gain full visibility on targeted users, the […]
Researchers discovered two new malicious hacking tools (BalkanRAT, BalkanDoor) from the ongoing campaign Balkans that act as a remote access trojan and backdoor. Malware authors developed these Tools with two different features. BalkanRAT, a remote access trojan that controls the compromised computer remotely via a graphical interface and the BalkanDoor performing the same operation using […]
A new highly sophisticated campaign that delivers the Orcus RAT embedded in video files and Images. The campaign mainly focuses on information stealing and .NET evasion. The Orcus RAT is capable of steal browser cookies and passwords, launch server stress tests (DDoS attacks), disable the webcam activity light, record microphone input, spoof file extensions, log […]
New Adwind 3.0 RAT (Remote access Trojan) Evolving with new sophisticated capabilities, unlike old version it mainly attacks desktop version of Linux, Windows and Mac OSX using DDE code injection technique. Attackers are using weaponized Microsoft Office documents to compromise the targeted victims and also new capabilities that able to avoid detection by anti-virus software. This attack […]
Cybercriminals spreading powerful FlawedAmmyy RAT via Weaponized Microsoft Word and PDF Attachments to spy victims device and steal the sensitive information Remotely. Hackers always lookout for legitimate programs or application to evade detection and to execute code with minimal user interaction. Matt Nelson from SpecterOps recently published research on how attackers could abuse “.SettingContent-ms” file […]
A newly uncovered APT Malware called GravityRAT deployed by a hacking group to attack various sectors in India, US, and UK. This GravityRAT remote access trojan has been under continuous development for the last 2 years by skilled cyber criminals and increased a lot of future to maintain the persistence. It has been distributed with […]
Newly Discovered two new Android RAT Compromising Victims Mobile and steals various sensitive information such as Photos, Contacts, SMS and it can also record the user’s phone call conversations. Both variants have the same functionality in terms of stealing the sensitive data from victims and the researchers named this as KevDroid. One Variant of this Android RAT […]
A newly emerging Remote access Trojan called CannibalRAT that completely written in Python language targeting and impacting the Brazilian public sector management school. Python is a powerful programming language that is being deployed for everything from data science to machine learning and writing web applications. It spreading with 2 different versions (3.0 and 4.0) both have completely […]
The Adwind cross-platform, malware-as-a-service Trojan has been around since 2012. Spread by phishing emails claiming to be invoices, purchase orders, and requests for quotations, it’s aimed at high value targets like finance departments. While it never completely disappeared in recent years the number of attacks did die down. However, security awareness training company KnowBe4 has noted an […]
ProofPoint uncovered a new cyber espionage campaign dubbed Operation Transparent Tribe targeting Indian diplomatic and military entities. A new cyber espionage campaign dubbed Operation Transparent Tribe is targeting diplomats and military personnel in India. The researchers at Proofpoint who have uncovered the hacking campaign confirmed that threat actors used a number of hacking techniques to hit the […]