Security News > 2020 > March > Boost security defenses against Kwampirs RAT malware with new list of IOCs

ReversingLabs has analyzed clues from attacks by the Kwampirs remote access trojan to help software companies defend their organizations against this malware.
In addition to attacks against supply chain software providers, the FBI said the same malware was also used in attacks against healthcare, energy, and financial companies.
ReversingLabs started with publicly available YARA rules for Kwampirs and matched that information against all samples collected by the Titanium Platform in the last 90 days.
ReversingLabs collected data samples from Kwampirs attacks to write a reliable malware configuration parser that extracts network configurations from the samples.
ReversingLabs created a list of indicators of compromise based on this Kwampirs RAT analysis.