Security News

Remcos RAT Spreading Through Adult Games in New Attack Wave
2024-01-16 13:22

The remote access trojan (RAT) known as Remcos RAT has been found being propagated via webhards by disguising it as adult-themed games in South Korea. WebHard, short for web hard drive, is a...

Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals
2024-01-08 14:04

Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called Silver RAT that’s equipped to bypass security software and stealthily launch hidden...

New Bandook RAT Variant Resurfaces, Targeting Windows Machines
2024-01-05 05:16

A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of...

UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT
2024-01-04 08:55

The threat actor known as UAC-0050 is leveraging phishing attacks to distribute Remcos RAT using new strategies to evade detection from security software. "The group's weapon of choice is Remcos...

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware
2023-12-12 14:33

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability and novel malware written in DLang. "This campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their vulnerable infrastructure to n-day vulnerability exploitation such as CVE-2021-44228. We have observed Lazarus target manufacturing, agricultural and physical security companies," Cisco Talos researchers shared.

Lazarus hackers drop new RAT malware using 2-year-old Log4j bug
2023-12-11 21:25

The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka "Log4Shell," this time to deploy three previously unseen malware families written in DLang. The new malware are two remote access trojans named NineRAT and DLRAT and a malware downloader named BottomLoader.

Krasue RAT malware hides on Linux servers using embedded rootkits
2023-12-07 06:00

Security researchers discovered a remote access trojan they named Krasue that is targeting Linux systems of telecommunications companies and managed to remain undetected since 2021. According to researchers at cybersecurity company Group-IB, the main function of the malware is to maintain access to the host, which may suggest that it is deployed through a botnet or sold by initial access brokers to threat actors seeking access to a particular target.

Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
2023-12-01 10:49

A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan...

NetSupport RAT Infections on the Rise - Targeting Government and Business Sectors
2023-11-20 15:19

Threat actors are targeting the education, government and business services sectors with a remote access trojan called NetSupport RAT. "The delivery mechanisms for the NetSupport RAT encompass...

Malicious NuGet Packages Caught Distributing SeroXen RAT Malware
2023-10-31 12:04

Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method for malware deployment. Software supply chain security...