Skip to main content

Tag: remote access trojan

72 articles

ConnectWise ScreenConnect Risky Exploit: Stunning AsyncRAT

ConnectWise ScreenConnect Risky Exploit: Stunning AsyncRAT

Imagine your trusted remote-admin tool becoming the very doorway attackers use to steal credentials and siphon crypto—researchers found ConnectWise ScreenConnect sessions abused to run a fleshless, in-memory VBScript loader that dropped AsyncRAT to harvest keys, keystrokes, and wallets. Harden RMM access, monitor session scripts, and assume compromise—because when legitimate tooling is weaponized, detection needs to get smarter fast.

Analyst 207
remote access trojan: Stunning Risky Threat Revealed

remote access trojan: Stunning Risky Threat Revealed

One click from a phishing email can now install MostereRAT — a stealthy, modular remote‑access trojan that evolved from banking malware into a plugin‑driven tool for data theft, persistence and lateral movement — proving attackers are turning familiar scams into long‑term, hard‑to‑detect footholds. Protect yourself with multifactor authentication, least‑privilege access, up‑to‑date patching and behavioral detection, because signature‑based defenses alone won’t cut it.

Analyst 207
signed Windows kernel driver: Stunning Risky Backdoor

signed Windows kernel driver: Stunning Risky Backdoor

When a Microsoft‑signed WatchDog driver (amsdk.sys) was abused to neuter endpoint defenses and plant ValleyRAT, it proved that a valid signature isn’t a guarantee of safety. This Silver Fox campaign underscores why organizations must stop trusting signatures alone and add behavior‑based controls and tighter vetting for privileged drivers.

Analyst 207
Operation HanKook Phantom: Exclusive Dangerous Threat

Operation HanKook Phantom: Exclusive Dangerous Threat

When colleagues become targets, South Korea’s academic community is facing a stealthy campaign — Operation HanKook Phantom — where ScarCruft (APT37) uses tailored phishing and the RokRAT trojan to siphon research and influence policy debates. Universities must boost basics like MFA, endpoint protection and phishing training to protect open inquiry without closing it off.

Analyst 207
supply chain attacks: Risky npm compromise – Must-Have alert

supply chain attacks: Risky npm compromise – Must-Have alert

When a trusted npm package—eslint-config-prettier—was hijacked to deliver the Scavenger RAT, it turned the open-source supply chain into an attack highway. Developers and teams must treat dependencies as potential threats: pin versions, enable 2FA, rotate secrets, and hunt for compromises before convenience becomes a vulnerability.

Analyst 207
Cybersecurity Threats: Must-Have Defenses for Risky Firms

Cybersecurity Threats: Must-Have Defenses for Risky Firms

A recent PureRAT campaign delivered via Ghost Crypt shows how quickly accounting firms’ trusted data can be undermined by stealthy malware and simple human mistakes—so now’s the time to treat cybersecurity as an everyday business priority. Strengthen controls, train staff with realistic phishing drills, and lock down access and backups to stop a single click from becoming a firm‑wide disaster.

Analyst 207
AsyncRAT Code Release Drives Global Rise in Malware Threats

AsyncRAT Code Release Drives Global Rise in Malware Threats

When a powerful open-source tool like AsyncRAT falls into the wrong hands, it can quickly transform from a helpful remote admin app into a global malware menace—fueling a surge of cyberattacks that threaten industries worldwide.

Analyst 207
New PHP-Based Interlock RAT Targets Industries via FileFix Delivery

New PHP-Based Interlock RAT Targets Industries via FileFix Delivery

A new PHP-based RAT is shaking up cybersecurity by sneaking into web servers through a clever FileFix delivery system—posing a serious challenge for industries used to defending against traditional Windows threats.

Analyst 207
Interlock Ransomware Deploys New RAT in Widespread Cyberattack

Interlock Ransomware Deploys New RAT in Widespread Cyberattack

Interlock ransomware just leveled up—deploying a stealthy new Remote Access Trojan that lets attackers silently steal data and move through networks undetected. It’s a wake-up call for everyone to rethink cybersecurity before it’s too late.

Analyst 207
Interlock Ransomware Deploys New RAT in Global Cyberattack Campaign

Interlock Ransomware Deploys New RAT in Global Cyberattack Campaign

The Interlock ransomware gang just stepped up their game with a stealthy new RAT that lets them sneak inside networks and stay hidden—making it more crucial than ever to strengthen your defenses before it’s too late.

Analyst 207
TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors

TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors

TAG-140 deploys DRAT V2 RAT, targeting critical Indian government, defense, and rail sectors to enhance cyber espionage efforts and data theft.

Analyst 207
Silver Fox: Chinese Group Deploys Sainbox RAT and Hidden Rootkit via Fake Websites

Silver Fox: Chinese Group Deploys Sainbox RAT and Hidden Rootkit via Fake Websites

Chinese group Silver Fox uses fake websites to deploy Sainbox RAT and hidden rootkits, targeting unsuspecting users for cyber espionage.

Analyst 207
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets

Discord invite link hijacking campaign delivers AsyncRAT and Skuld stealer targeting crypto wallets. Learn how cybercriminals exploit vulnerabilities.

Analyst 207
Supply chain attack hits Gluestack NPM packages with 960K weekly downloads

Supply chain attack hits Gluestack NPM packages with 960K weekly downloads

Supply chain attack strikes Gluestack’s NPM packages with 960K weekly downloads, exposing vulnerabilities that threaten project security and developer trust.

Analyst 207
New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers

New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers

New Windows RAT evades detection for weeks by exploiting corrupted DOS and PE headers, showcasing advanced stealth tactics against security measures.

Analyst 207
Advanced RAT Uncovered: Malware Analysis Exposes Manipulated Header Techniques

Advanced RAT Uncovered: Malware Analysis Exposes Manipulated Header Techniques

Discover how advanced RAT malware exploits manipulated header techniques to breach systems. Analysis reveals critical tactics behind evolved cyber threats.

Analyst 207
Counterfeit Bitdefender Site Deploys Three Malware Tools

Counterfeit Bitdefender Site Deploys Three Malware Tools

Counterfeit Bitdefender site deploys three malware tools, undermining security by compromising systems and exposing sensitive data. Stay vigilant!

Analyst 207
Cybercriminals Impersonate Antivirus Website to Distribute Venom RAT and Hijack Crypto Wallets

Cybercriminals Impersonate Antivirus Website to Distribute Venom RAT and Hijack Crypto Wallets

Cybercriminals impersonate antivirus sites to spread Venom RAT, hijack crypto wallets, and jeopardize user security in the digital realm.

Analyst 207
Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims

Fake Kling AI Facebook ads deliver RAT malware to over 22M potential victims, exposing them to remote control threats and data breaches.

Analyst 207
Printer maker Procolored offered malware-laced drivers for months

Printer maker Procolored offered malware-laced drivers for months

Printer maker Procolored pushed malware-laced drivers for months, putting customers at risk. Uncover details of the security scandal.

Analyst 207
PyPi Package Conceals RAT Malware, Targeting Discord Developers Since 2022

PyPi Package Conceals RAT Malware, Targeting Discord Developers Since 2022

PyPi package camouflages RAT malware targeting Discord developers since 2022, exposing a dangerous supply chain threat.

Analyst 207
Researchers Discover Malware in Bogus Discord PyPI Package Accumulating Over 11,500 Downloads

Researchers Discover Malware in Bogus Discord PyPI Package Accumulating Over 11,500 Downloads

Researchers uncovered malware in a fake Discord PyPI package, racking up over 11,500 downloads and sparking significant cybersecurity alerts.

Analyst 207
Stealthy VShell RAT: The Rise of Chinese Hackers’ Fileless Attacks

Stealthy VShell RAT: The Rise of Chinese Hackers’ Fileless Attacks

Explore the rise of the stealthy VShell RAT, a tool used by Chinese hackers for fileless attacks, evading detection and compromising systems.

Analyst 207
Chinese Spies Deploy Stealth RAT to Compromise US Organizations – Ongoing Activity Reported Last Week

Chinese Spies Deploy Stealth RAT to Compromise US Organizations – Ongoing Activity Reported Last Week

Chinese spies are using stealth RATs to infiltrate US organizations, with ongoing activity reported last week. Stay informed on this cybersecurity threat.

Analyst 207