Skip to main content

Tag: rat

8 articles

Windows host computer on an office workstation with a blurred desktop screen.

LabubaRAT Exploits NVIDIA Disguise to Control Windows Hosts

Meet LabubaRAT, a sneaky threat that masquerades as NVIDIA software to take control of Windows hosts, allowing hackers to profile, capture, and manipulate sensitive data. Once deployed, it creates a hidden backdoor for further malicious activity.

Analyst 207
Blurred laptop screen showing Microsoft Teams on a plain surface with office supplies nearby.

Ransomware Gang Exploits Microsoft Teams to Conceal Malicious Traffic

Meet Backdoor.Turn, a sneaky new malware that's abusing Microsoft Teams to hide its malicious activities - and it's a game-changer for cyber threats. This clever RAT uses Teams' own infrastructure against us, making it harder to spot its secret communications.

Analyst 207
Discarded Android smartphones and tech components litter a dimly lit urban alleyway.

ESET Exposes BTMOB Android Malware Service

Meet BTMOB, a sneaky Android malware that's being sold as a subscription service - think $700/month or a one-time $5,000 fee for a lifetime license - making it easy for anyone to become a cyber threat actor. This malware-as-a-service platform even comes with a user-friendly APK builder, requiring zero coding skills.

Analyst 207
Brightly-lit financial sector setting with computer workstation in background.

Lazarus Group Deploys Memory-Only RAT in Financial Sector Attacks

The notorious Lazarus Group has unleashed a sneaky new attack tool, a memory-only Remote Access Trojan (RAT), targeting the financial sector with cunning precision. This stealthy malware, known as RemotePE, is just the latest weapon in the group's arsenal, and it's being used to infiltrate and manipulate its victims.

Analyst 207
Windows laptop on cluttered desk with smartphone nearby, displaying blurred login screen.

CloudZ Malware Exploits Phone Link to Harvest SMS OTPs

Beware of CloudZ malware, a sneaky Windows threat that's been stealing SMS messages and one-time passwords since January 2026 by exploiting Microsoft's Phone Link app. This malicious duo, paired with the Pheno plugin, can capture mobile authentication data without ever touching your smartphone.

Analyst 207
Windows laptop with Phone Link app open, connected to smartphone via USB, on a cluttered home office desk.

CloudZ Malware Exploits Microsoft Phone Link to Harvest SMS and OTPs

Beware: CloudZ malware is exploiting Microsoft's Phone Link feature to intercept SMS and OTPs, putting your sensitive info at risk. This sneaky attack uses a plugin called Pheno to tap into your Phone Link activity and steal your private messages.

Analyst 207
Windows computer workstation in an office setting with router and cables, and a blank laptop screen on the desk.

Python Backdoor Exploits Tunneling Service to Harvest Browser, Cloud Credentials

Meet DEEP#DOOR, a sneaky Python-based backdoor framework that's harvesting browser and cloud credentials by exploiting a tunneling service, and learn how it infiltrates systems through a clever sequence of stealthy steps. This sophisticated threat starts with a simple batch script that disables Windows security controls and ends with a fully featured Remote Access Trojan (RAT).

Analyst 207

New Trojan STX RAT Targets Finance Sector with Sophisticated Stealth Methods

Meet STX RAT, a sneaky new remote access trojan that's got its sights set on the finance sector, using advanced stealth methods and command-and-control capabilities to evade detection. This latest threat is a wake-up call for defenders, testing their readiness to respond to increasingly sophisticated attacks.

Analyst 207