Tag: remote access trojan
72 articles

ConnectWise ScreenConnect Risky Exploit: Stunning AsyncRAT
Imagine your trusted remote-admin tool becoming the very doorway attackers use to steal credentials and siphon crypto—researchers found ConnectWise ScreenConnect sessions abused to run a fleshless, in-memory VBScript loader that dropped AsyncRAT to harvest keys, keystrokes, and wallets. Harden RMM access, monitor session scripts, and assume compromise—because when legitimate tooling is weaponized, detection needs to get smarter fast.

remote access trojan: Stunning Risky Threat Revealed
One click from a phishing email can now install MostereRAT — a stealthy, modular remote‑access trojan that evolved from banking malware into a plugin‑driven tool for data theft, persistence and lateral movement — proving attackers are turning familiar scams into long‑term, hard‑to‑detect footholds. Protect yourself with multifactor authentication, least‑privilege access, up‑to‑date patching and behavioral detection, because signature‑based defenses alone won’t cut it.

signed Windows kernel driver: Stunning Risky Backdoor
When a Microsoft‑signed WatchDog driver (amsdk.sys) was abused to neuter endpoint defenses and plant ValleyRAT, it proved that a valid signature isn’t a guarantee of safety. This Silver Fox campaign underscores why organizations must stop trusting signatures alone and add behavior‑based controls and tighter vetting for privileged drivers.

Operation HanKook Phantom: Exclusive Dangerous Threat
When colleagues become targets, South Korea’s academic community is facing a stealthy campaign — Operation HanKook Phantom — where ScarCruft (APT37) uses tailored phishing and the RokRAT trojan to siphon research and influence policy debates. Universities must boost basics like MFA, endpoint protection and phishing training to protect open inquiry without closing it off.

supply chain attacks: Risky npm compromise – Must-Have alert
When a trusted npm package—eslint-config-prettier—was hijacked to deliver the Scavenger RAT, it turned the open-source supply chain into an attack highway. Developers and teams must treat dependencies as potential threats: pin versions, enable 2FA, rotate secrets, and hunt for compromises before convenience becomes a vulnerability.

Cybersecurity Threats: Must-Have Defenses for Risky Firms
A recent PureRAT campaign delivered via Ghost Crypt shows how quickly accounting firms’ trusted data can be undermined by stealthy malware and simple human mistakes—so now’s the time to treat cybersecurity as an everyday business priority. Strengthen controls, train staff with realistic phishing drills, and lock down access and backups to stop a single click from becoming a firm‑wide disaster.

AsyncRAT Code Release Drives Global Rise in Malware Threats
When a powerful open-source tool like AsyncRAT falls into the wrong hands, it can quickly transform from a helpful remote admin app into a global malware menace—fueling a surge of cyberattacks that threaten industries worldwide.

New PHP-Based Interlock RAT Targets Industries via FileFix Delivery
A new PHP-based RAT is shaking up cybersecurity by sneaking into web servers through a clever FileFix delivery system—posing a serious challenge for industries used to defending against traditional Windows threats.

Interlock Ransomware Deploys New RAT in Widespread Cyberattack
Interlock ransomware just leveled up—deploying a stealthy new Remote Access Trojan that lets attackers silently steal data and move through networks undetected. It’s a wake-up call for everyone to rethink cybersecurity before it’s too late.

Interlock Ransomware Deploys New RAT in Global Cyberattack Campaign
The Interlock ransomware gang just stepped up their game with a stealthy new RAT that lets them sneak inside networks and stay hidden—making it more crucial than ever to strengthen your defenses before it’s too late.

TAG-140 Deploys DRAT V2 RAT, Targeting Indian Government, Defense, and Rail Sectors
TAG-140 deploys DRAT V2 RAT, targeting critical Indian government, defense, and rail sectors to enhance cyber espionage efforts and data theft.

Silver Fox: Chinese Group Deploys Sainbox RAT and Hidden Rootkit via Fake Websites
Chinese group Silver Fox uses fake websites to deploy Sainbox RAT and hidden rootkits, targeting unsuspecting users for cyber espionage.

Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
Discord invite link hijacking campaign delivers AsyncRAT and Skuld stealer targeting crypto wallets. Learn how cybercriminals exploit vulnerabilities.

Supply chain attack hits Gluestack NPM packages with 960K weekly downloads
Supply chain attack strikes Gluestack’s NPM packages with 960K weekly downloads, exposing vulnerabilities that threaten project security and developer trust.

New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers
New Windows RAT evades detection for weeks by exploiting corrupted DOS and PE headers, showcasing advanced stealth tactics against security measures.

Advanced RAT Uncovered: Malware Analysis Exposes Manipulated Header Techniques
Discover how advanced RAT malware exploits manipulated header techniques to breach systems. Analysis reveals critical tactics behind evolved cyber threats.

Counterfeit Bitdefender Site Deploys Three Malware Tools
Counterfeit Bitdefender site deploys three malware tools, undermining security by compromising systems and exposing sensitive data. Stay vigilant!

Cybercriminals Impersonate Antivirus Website to Distribute Venom RAT and Hijack Crypto Wallets
Cybercriminals impersonate antivirus sites to spread Venom RAT, hijack crypto wallets, and jeopardize user security in the digital realm.

Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims
Fake Kling AI Facebook ads deliver RAT malware to over 22M potential victims, exposing them to remote control threats and data breaches.

Printer maker Procolored offered malware-laced drivers for months
Printer maker Procolored pushed malware-laced drivers for months, putting customers at risk. Uncover details of the security scandal.

PyPi Package Conceals RAT Malware, Targeting Discord Developers Since 2022
PyPi package camouflages RAT malware targeting Discord developers since 2022, exposing a dangerous supply chain threat.

Researchers Discover Malware in Bogus Discord PyPI Package Accumulating Over 11,500 Downloads
Researchers uncovered malware in a fake Discord PyPI package, racking up over 11,500 downloads and sparking significant cybersecurity alerts.

Stealthy VShell RAT: The Rise of Chinese Hackers’ Fileless Attacks
Explore the rise of the stealthy VShell RAT, a tool used by Chinese hackers for fileless attacks, evading detection and compromising systems.

Chinese Spies Deploy Stealth RAT to Compromise US Organizations – Ongoing Activity Reported Last Week
Chinese spies are using stealth RATs to infiltrate US organizations, with ongoing activity reported last week. Stay informed on this cybersecurity threat.