Skip to main content

Tag: trojan

22 articles

New Trojan STX RAT Targets Finance Sector with Sophisticated Stealth Methods

Meet STX RAT, a sneaky new remote access trojan that's got its sights set on the finance sector, using advanced stealth methods and command-and-control capabilities to evade detection. This latest threat is a wake-up call for defenders, testing their readiness to respond to increasingly sophisticated attacks.

Analyst 207
Scissors cut through tangled fiber optic cables with laptop glow in background, surrounded by shredded papers.

Malware Delivers ClipBanker Through Sophisticated Infection Chain

Beware of a sneaky malware that can swap out the cryptocurrency wallet address you copied with a fake one, just by pasting a malicious software masquerading as Proxifier - putting your digital assets at risk. This Trojan uses a multi-stage infection chain to deliver ClipBanker, a stealthy threat that hijacks your clipboard.

Analyst 207
Stealit infostealer: Exclusive Dangerous VPN Threat

Stealit infostealer: Exclusive Dangerous VPN Threat

Think twice before installing that VPN or cracked game—attackers are hiding the Stealit info‑stealer inside trusted-looking installers to harvest passwords, cookies and crypto keys. Stick to official downloads, keep software updated, and watch for unusual app behavior to stay safe.

Analyst 207
Android banking trojan: Stunning, Dangerous Klopatra

Android banking trojan: Stunning, Dangerous Klopatra

A new Android trojan called Klopatra is quietly hijacking phones with a hidden VNC channel—letting attackers watch and control screens to bypass MFA and steal funds, especially across Spain and Italy. Keep your device updated and apps from official stores, and banks should adopt out‑of‑band confirmations and behavioral analytics to block these stealthy attacks.

Analyst 207
SEO poisoning: Dangerous, Exclusive Threat to Windows

SEO poisoning: Dangerous, Exclusive Threat to Windows

Search results are being weaponized: lookalike download pages boosted by SEO are tricking Chinese Windows users into installing trojanized installers carrying Hiddengh0st and Winos. Always grab updates from vendor channels, verify installer signatures, and be suspicious of search results that look “too convenient.”

Analyst 207
GitHub Pages Risky SEO Attack — Exclusive Warning

GitHub Pages Risky SEO Attack — Exclusive Warning

Imagine downloading what looks like legitimate software only to find your PC compromised — attackers are using SEO tricks and GitHub Pages to push kkRAT to Chinese-speaking users by creating convincing fake download pages and hijacking search rankings. Fortinet warns this weaponized trust turns routine searches into infection vectors, so stick to vendor sites and double-check every download.

Analyst 207
ConnectWise ScreenConnect Risky Exploit: Stunning AsyncRAT

ConnectWise ScreenConnect Risky Exploit: Stunning AsyncRAT

Imagine your trusted remote-admin tool becoming the very doorway attackers use to steal credentials and siphon crypto—researchers found ConnectWise ScreenConnect sessions abused to run a fleshless, in-memory VBScript loader that dropped AsyncRAT to harvest keys, keystrokes, and wallets. Harden RMM access, monitor session scripts, and assume compromise—because when legitimate tooling is weaponized, detection needs to get smarter fast.

Analyst 207
signed driver Dangerous: Stunning ValleyRAT Risk

signed driver Dangerous: Stunning ValleyRAT Risk

Imagine a trusted vendor’s driver used as a battering ram—Silver Fox has been abusing Microsoft‑signed kernel drivers to slip past endpoint defenses and install the ValleyRAT backdoor for stealthy, long‑term access and data theft. Tighten driver policies, add kernel‑level telemetry, and vet supply chains before digital trust becomes the next attack surface.

Analyst 207
Hook Android Trojan: Stunning Dangerous Ransomware Threat

Hook Android Trojan: Stunning Dangerous Ransomware Threat

A new Hook Android Trojan variant now combines banking fraud with ransomware-style lockouts, letting attackers both steal credentials and hold phones hostage. Millions of users should tighten app sources, review permissions, and keep backups as defenders scramble to catch up.

Analyst 207
ERMAC v30 Exposed: Stunning Risky Banking Threat

ERMAC v30 Exposed: Stunning Risky Banking Threat

A public leak of ERMAC v3.0’s source code has pulled back the curtain on a sharper, more widespread Android banking trojan—revealing both powerful theft techniques and the operators’ sloppy mistakes that could help investigators. It’s a stark reminder that transparency can empower defenders, but also risks giving other crooks a head start if we don’t act fast.

Analyst 207
AsyncRAT Open Source Code Drives Global Rise in Malware Threats

AsyncRAT Open Source Code Drives Global Rise in Malware Threats

What started as an open-source learning tool has turned into a global cyber threat, as AsyncRAT’s freely available code fuels a growing wave of malware attacks targeting everything from personal devices to critical infrastructure.

Analyst 207
Cybercriminals Exploit SonicWall VPN Vulnerabilities for Credential Theft

Cybercriminals Exploit SonicWall VPN Vulnerabilities for Credential Theft

Cybercriminals target SonicWall VPN vulnerabilities to steal credentials, compromising user security and accessing sensitive data. Stay informed and protected.

Analyst 207
Remote Access Attacks Leveraging SonicWall NetExtender Trojan and ConnectWise Vulnerabilities

Remote Access Attacks Leveraging SonicWall NetExtender Trojan and ConnectWise Vulnerabilities

Explore how remote access attacks exploit SonicWall NetExtender Trojans and ConnectWise vulnerabilities, threatening cybersecurity integrity.

Analyst 207
Over 200 Compromised GitHub Repositories Discovered in Attack on Gamers and Developers

Over 200 Compromised GitHub Repositories Discovered in Attack on Gamers and Developers

Over 200 compromised GitHub repositories linked to a cyber attack targeting gamers and developers, raising security concerns in the tech community.

Analyst 207
North Korean Cybercriminals Unleash Python Trojan Aimed at Cryptocurrency

North Korean Cybercriminals Unleash Python Trojan Aimed at Cryptocurrency

North Korean hackers deploy a Python Trojan to target cryptocurrency, exploiting vulnerabilities for financial gain in the digital currency space.

Analyst 207
Android Trojan Crocodilus Spreads Across 8 Countries, Targeting Banks and Crypto Wallets

Android Trojan Crocodilus Spreads Across 8 Countries, Targeting Banks and Crypto Wallets

Android Trojan Crocodilus is infecting devices in 8 countries, targeting banks and crypto wallets. Learn how to protect against this emerging threat.

Analyst 207
New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers

New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers

New Windows RAT evades detection for weeks by exploiting corrupted DOS and PE headers, showcasing advanced stealth tactics against security measures.

Analyst 207
RVTools

RVTools

RVTools is a powerful, free reporting tool for VMware vSphere that delivers inventory insights, performance metrics, and system visualization for admins.

Analyst 207
Fake KeePass password manager leads to ESXi ransomware attack

Fake KeePass password manager leads to ESXi ransomware attack

Fake KeePass password manager exploited to infect ESXi systems with ransomware, compromising virtual environments and risking server data.

Analyst 207
RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

RVTools official site hacked—Trojanized installer now delivers Bumblebee malware. Learn the details and protect your systems today.

Analyst 207
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

BianLian and RansomExx exploit an SAP NetWeaver flaw to deploy the PipeMagic Trojan, exposing key vulnerabilities and urging rapid security patches.

Analyst 207
Android Spyware Masquerading as Alpine Quest App Aims at Russian Military Devices

Android Spyware Masquerading as Alpine Quest App Aims at Russian Military Devices

Android spyware disguised as the Alpine Quest app targets Russian military devices, posing a significant security threat.

Analyst 207