Boost security defenses against Kwampirs RAT malware with new list of IOCs
ReversingLabs has analyzed clues from attacks by the Kwampirs remote access trojan to help software companies defend their organizations against this malware.
In addition to attacks against supply chain software providers, the FBI said the same malware was also used in attacks against healthcare, energy, and financial companies.
ReversingLabs started with publicly available YARA rules for Kwampirs and matched that information against all samples collected by the Titanium Platform in the last 90 days.
ReversingLabs collected data samples from Kwampirs attacks to write a reliable malware configuration parser that extracts network configurations from the samples.
ReversingLabs created a list of indicators of compromise based on this Kwampirs RAT analysis.