RAT

Threatpost 

Smominru Cryptominer Scrapes Credentials for Half-Million Machines

August 7, 2019 TH Author access mining, Carbon Black, cryptomining, dark web, EternalBlue, Hacks, Malware, RAT, selling access, Smominru, Vulnerabilities, Web Security

The adversaries have retooled with EternalBlue and credential theft to add a new “access mining” revenue stream. READ MORE HERE…

Read more

Threatpost 

Facebook Removes Accounts Used to Infect Thousands With Malware

July 1, 2019 TH Author Facebook, hacker, Hacks, Libya, Malware, malware attack, RAT, remote access Trojan, social media malware, twitter, Web Security

A widespread malware campaign, ongoing since 2014, was using Facebook accounts and posts to spread malware through URL links. READ MORE HERE…

Read more

Threatpost 

MuddyWater APT Hones an Arsenal of Custom Tools

April 29, 2019 TH Author analysis, apt, custom tools, data exfiltration, Kaspersky Lab, Malware, Middle East, muddywater, RAT

The attack group shows a moderate level of sophistication, but the stage is set for MuddyWater to take things to the next level. READ MORE HERE…

Read more

Threatpost 

ThreatList: Banking Trojans Are Still The Top Big Bad for Email

February 13, 2019 TH Author Banking trojans, BEC, email threats, emotet, Malware, Malware Distribution, Most Recent ThreatLists, proofpoint quarterly report, q4 2018, ransomware, RAT, telemetry, Web Security

Banking trojans, led by the ever-changing Emotet, dominated the email-borne threat landscape in Q4, according to Proofpoint. READ MORE HERE…

Read more

Threatpost 

Spy Campaign Spams Pro-Tibet Group With ExileRAT

February 4, 2019 TH Author 60th anniversary, central tibetan administration, CTA, Dalai Lama, espionage, exilerat, Government, RAT, remote access Trojan, spam campaign, Tibet, tibet was never part of china, Uncategorized, Web Security

Referencing the Dalai Lama, the spam campaign is targeting recipients of a mailing list run by the Central Tibetan Administration. READ MORE HERE…

Read more

Threatpost 

TA505 Crime Gang Debuts Brand-New ServHelper Backdoor

January 11, 2019 TH Author banks, crime gang, downloader, email campaigns, flawedgrace, Malware, Malware analysis, RAT, remote desktop, servhelper, ta505, tunnel

The latest malware from TA505 has been seen targeting banks, retailers and restaurants with two different versions. READ MORE HERE…

Read more

Threatpost 

Unique Malspam Campaign Uses MS Publisher to Drop a RAT on Banks

August 17, 2018 TH Author Email, flawedammyy rat, Hacks, malspam, Malware, RAT, spam, Trojan, Uncategorized, Web Security

A new email campaign includes a Microsoft Office Publisher file with malicious URLs leading to the FlawedAmmyy RAT. READ MORE HERE…

Read more

Threatpost 

Highly Sophisticated Parasite RAT Emerges on the Dark Web

July 26, 2018 TH Author dark web, Malware, parasite http, Proofpoint, RAT, remote access Trojan, sophisticated

This brand-new RAT represents the latest escalation in an ongoing malware arms race that extends even to commodity malware. READ MORE HERE…

Read more

Threatpost 

APT15 Pokes Its Head Out With Upgraded MirageFox RAT

June 19, 2018 TH Author APT15, Chinese government, Hacks, intezer, Malware, Malware analysis, miragefox, new campaign, RAT

This is the first evidence of the China-linked threat actor’s activity since hacked the U.K. government and military in 2017 (which wasn’t made public until 2018). READ MORE HERE…

Read more

Threatpost 

Hidden Cobra Strikes Again with Custom RAT, SMB Malware

May 30, 2018 TH Author alert, Attacks, brambul, Critical Infrastructure, DHS, FBI, Government, Hidden Cobra, joanap, Lazarus Group, Malware, RAT, SMB, US-CERT

The North Korean-sponsored actors are targeting sensitive and proprietary information, and the malware could disrupt regular operations and disable systems and files. READ MORE HERE…

Read more