Security News > 2020 > March > Boost security defenses against Kwampirs RAT malware with new list of IOCs
ReversingLabs has analyzed clues from attacks by the Kwampirs remote access trojan to help software companies defend their organizations against this malware.
In addition to attacks against supply chain software providers, the FBI said the same malware was also used in attacks against healthcare, energy, and financial companies.
ReversingLabs started with publicly available YARA rules for Kwampirs and matched that information against all samples collected by the Titanium Platform in the last 90 days.
ReversingLabs collected data samples from Kwampirs attacks to write a reliable malware configuration parser that extracts network configurations from the samples.
ReversingLabs created a list of indicators of compromise based on this Kwampirs RAT analysis.
News URL
Related news
- Andariel Hackers Target South Korean Institutes with New Dora RAT Malware (source)
- SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign (source)
- New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems (source)
- Arm security defense shattered by speculative execution 95% of the time (source)
- Snowblind malware abuses Android security feature to bypass security (source)
- China-linked APT17 Targets Italian Companies with 9002 RAT Malware (source)
- Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware (source)