Boost security defenses against Kwampirs RAT malware with new list of IOCs
Security News, March 2020
ReversingLabs has analyzed clues from attacks by the Kwampirs remote access trojan to help software companies defend their organizations against this malware.
In addition to attacks against supply chain software providers, the FBI said the same malware was also used in attacks against healthcare, energy, and financial companies.
ReversingLabs started with publicly available YARA rules for Kwampirs and matched that information against all samples collected by the Titanium Platform in the last 90 days.
ReversingLabs collected data samples from Kwampirs attacks to write a reliable malware configuration parser that extracts network configurations from the samples.
ReversingLabs created a list of indicators of compromise based on this Kwampirs RAT analysis.