RAT

DarkWatchman RAT uses Windows Registry fileless storage mechanismDarkWatchman RAT uses Windows Registry fileless storage mechanism

DarkWatchman RAT uses Windows Registry fileless storage mechanism

DarkWatchman is a new lightweight javascript-based Remote Access Trojan (RAT) that uses novel methods for fileless persistence. Recently Prevailion experts…

3 years ago
RATDispenser, a new stealthy JavaScript loader used to distribute RATsRATDispenser, a new stealthy JavaScript loader used to distribute RATs

RATDispenser, a new stealthy JavaScript loader used to distribute RATs

RATDispenser is a new stealthy JavaScript loader that is being used to spread multiple remote access trojans (RATs) into the…

4 years ago
GravityRAT returns disguised as an end-to-end encrypted chat appGravityRAT returns disguised as an end-to-end encrypted chat app

GravityRAT returns disguised as an end-to-end encrypted chat app

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors…

4 years ago
ChaChi, a GoLang Trojan used in ransomware attacks on US schoolsChaChi, a GoLang Trojan used in ransomware attacks on US schools

ChaChi, a GoLang Trojan used in ransomware attacks on US schools

A new Trojan written in the Go programming language, tracked as ChaChi, was involved in ransomware attacks against government agencies…

4 years ago
MSBuild tool used to deliver RATs filelesslyMSBuild tool used to deliver RATs filelessly

MSBuild tool used to deliver RATs filelessly

Hackers abuses Microsoft Build Engine (MSBuild) to filelessly deliver malware on targeted Windows systems, including RAT and password-stealer. Researchers from…

4 years ago
Operation Spalax, an ongoing malware campaign targeting Colombian entitiesOperation Spalax, an ongoing malware campaign targeting Colombian entities

Operation Spalax, an ongoing malware campaign targeting Colombian entities

Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax, against Colombian government institutions and private companies. Malware…

4 years ago
Fake Trump sex video used to spread QNode RATFake Trump sex video used to spread QNode RAT

Fake Trump sex video used to spread QNode RAT

Researchers uncovered a malspam campaign that spreads the QNode remote access Trojan (RAT) using fake Trump's sex scandal video as…

4 years ago
njRAT RAT operators leverage Pastebin C2 tunnels to avoid detectionnjRAT RAT operators leverage Pastebin C2 tunnels to avoid detection

njRAT RAT operators leverage Pastebin C2 tunnels to avoid detection

Threat actors behind the njRAT Remote Access Trojan (RAT) are leveraging active Pastebin Command and Control Tunnels to avoid detection.…

4 years ago
Malicious npm packages spotted delivering njRAT TrojanMalicious npm packages spotted delivering njRAT Trojan

Malicious npm packages spotted delivering njRAT Trojan

npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers'…

5 years ago
LimeRAT malware delivered using 8-year-old VelvetSweatshop trickLimeRAT malware delivered using 8-year-old VelvetSweatshop trick

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at…

5 years ago
Show more Posts
Show previous Posts