RAT Archives - Page 3 of 10 - Security Affairs

Pierluigi Paganini April 01, 2020

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. LimeRAT is a powerful Remote Administration Tool publicly available as an open-source project on Github, it […]

Pierluigi Paganini February 23, 2020

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Cisco Talos researchers discovered a new malware, tracked as ObliqueRAT, that was employed targeted attacks against organizations in Southeast Asia. Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. The malware was employed in targeted attacks against […]

Pierluigi Paganini December 09, 2019

New ‘PyXie’ Python RAT targets multiple industries

Researchers discovered a new Python-based RAT dubbed PyXie that has been used in campaigns targeting a wide range of industries. Experts at BlackBerry Cylance have spotted a new Python-based remote access Trojan (RAT) that has been used in campaigns targeting a wide range of industries. PyXie has been first observed in the wild in 2018, […]

Pierluigi Paganini October 01, 2019

A new Adwind variant involved in attacks on US petroleum industry

Adwind is back, a new variant of the popular RAT is targeting US petroleum industry entities with new advanced features. A new variant of the popular Adwind RAT (aka jRAT, AlienSpy, and JSocket) is targeting entities in the US petroleum industry. The new variant implements advanced features such as multi-layer obfuscation. The malware is distributed via a […]

Pierluigi Paganini August 15, 2019

Threat actors use a Backdoor and RAT combo to target the Balkans

Apparently financially-motivated threat actors carried out a long-term campaign against the Balkans involving a backdoor and a RAT to compromise the targets. Security experts from ESET uncovered a long-running campaign carried out by a financially-motivated threat actor. The attackers combined a backdoor dubbed BalkanDoor and a remote access Trojan tracked as BalkanRAT to take control […]

Pierluigi Paganini August 02, 2019

Nation-state actor uses new LookBack RAT to target US utilities

Experts warn of a phishing campaign targeting US companies in the utility sector aimed at infecting systems with a new LookBack RAT. Security experts at Proofpoint uncovered a phishing campaign targeting US companies in the utility sector aimed at infecting systems with a new LookBack RAT. “Between July 19 and July 25, 2019, several spear-phishing […]

Pierluigi Paganini July 08, 2019

Spotting RATs: Delphi wrapper makes the analysis harder

Experts observed an increase of the malware spreading using less-known archive types as dropper,in particular ISO image.Delphi wrapper makes analysis harder Introduction In the last period, we observed an increase of the malware spreading using less-known archive types as an initial dropper, in particular, ISO image. The spread of threats exploiting ISO image to hide […]

Pierluigi Paganini July 02, 2019

After 2 years under the radars, Ratsnif emerges in OceanLotus ops

Security experts spotted a news wave of attacks carried out by the OceanLotus APT group that involved the new Ratsnif Trojan. Experts at the security firm Cylance detected a new RAT dubbed Ratsnif that was used in cyber espionage operations conducted by the OceanLotus APT group. The OceanLotus APT group, also known as APT32 or Cobalt Kitty, is state-sponsored group that […]

Pierluigi Paganini June 25, 2019

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Researchers at Microsoft uncovered a malicious campaign that delivers the infamous FlawedAmmyy RAT directly in memory. Experts at Microsoft uncovered a malicious campaign that delivers the FlawedAmmyy RAT directly in memory. The FlawedAMMYY backdoor borrows the code of the Ammyy Admin remote access Trojan, it allows attackers to get full access to a victim’s machine. […]

Pierluigi Paganini June 17, 2019

New phishing campaign targets bank customers with WSH RAT

Security researchers at Cofense have spotted a phishing campaign aimed at commercial banking customers distributing a new remote access trojan (RAT) tracked as WSH RAT. Security experts at Cofense Phishing Defence Center have spotted a phishing campaign aimed at commercial banking customers that is distributing a new remote access trojan tracked as WSH RAT. The […]

RAT

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

New ‘PyXie’ Python RAT targets multiple industries

A new Adwind variant involved in attacks on US petroleum industry

Threat actors use a Backdoor and RAT combo to target the Balkans

Nation-state actor uses new LookBack RAT to target US utilities

Spotting RATs: Delphi wrapper makes the analysis harder

After 2 years under the radars, Ratsnif emerges in OceanLotus ops

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

New phishing campaign targets bank customers with WSH RAT

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

UK NCA arrested four people over M&S, Co-op cyberattacks

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

Qantas data breach impacted 5.7 million individuals

DoNot APT is expanding scope targeting European foreign ministries

Nippon Steel Solutions suffered a data breach following a zero-day attack

QUICK LINKS

RAT

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!