Threat actors abuse Windows debugger tool to disguise PlugX trojan attacks
Researchers have discovered threat actors abusing legitimate open-source debugger tool for Windows to disguise PlugX trojan attacks.
RAT
Homemade DCRat can open “backdoors on a budget”
Researchers from Blackberry have discovered a redesigned remote access trojan DCRat that a lone cyber criminal is now offering as a homemade tool for opening “backdoors on a budget.”
Cisco Talos team discovers malicious campaign delivering Nanocore, Netwire and Async RATs
The Cisco Talos cybersecurity team discovered a malicious campaign delivering variants of Nanocore, Netwire and Async RATs targeting user’s information.
New version of CRAT remote access trojan targets endpoints
Security researchers from Cisco have discovered a new version of remote access trojan (RAT) dubbed “CRAT” that targets endpoints.
Ttint IoT botnet exploits 2 zero-days to spread RAT
A new IoT botnet dubbed Ttint now targets two Tenda router 0-day vulnerabilities to spread a Remote Access Trojan (RAT) based on Mirai botnet source code.
SlothfulMedia: new malware variant used by “sophisticated actors”
Security experts warned of a new malware variant dubbed SlothfulMedia has been used by a “sophisticated cyber actor.”
Loda RAT malware campaign
Security experts have spotted a new malware campaign that uses a new version of Loda remote access trojan (RAT). Cisco’s Talos security group observed over the past few months websites hosting a new version of Loda written in AutoIT. Loda was first discovered in 2017 and has been used for spying on victims. According to …
Tortoiseshell targets US veterans with fake website used to download malware
A cyber attack group dubbed “Tortoiseshell” has deployed a fake website posing as a site to help U.S. military veterans find jobs. The website is then used to download malware to visitors’ systems.
NOKKI malware and Reaper threat
A new malware family dubbed NOKKI is being used in politically motivated attacks targeting Russian and Cambodian speaking people and organizations.
HeroRat: Telegram-abusing Android RAT
ESET security researchers have discovered a new Android RAT (Remote Administration Tool) variant in the wild. The new variant is dubbed “HeroRat” and abuses the Telegram protocol for command and control, and can steal sensitive data.