Tag: trojan
22 articles
New Trojan STX RAT Targets Finance Sector with Sophisticated Stealth Methods
Meet STX RAT, a sneaky new remote access trojan that's got its sights set on the finance sector, using advanced stealth methods and command-and-control capabilities to evade detection. This latest threat is a wake-up call for defenders, testing their readiness to respond to increasingly sophisticated attacks.

Malware Delivers ClipBanker Through Sophisticated Infection Chain
Beware of a sneaky malware that can swap out the cryptocurrency wallet address you copied with a fake one, just by pasting a malicious software masquerading as Proxifier - putting your digital assets at risk. This Trojan uses a multi-stage infection chain to deliver ClipBanker, a stealthy threat that hijacks your clipboard.

Stealit infostealer: Exclusive Dangerous VPN Threat
Think twice before installing that VPN or cracked game—attackers are hiding the Stealit info‑stealer inside trusted-looking installers to harvest passwords, cookies and crypto keys. Stick to official downloads, keep software updated, and watch for unusual app behavior to stay safe.

Android banking trojan: Stunning, Dangerous Klopatra
A new Android trojan called Klopatra is quietly hijacking phones with a hidden VNC channel—letting attackers watch and control screens to bypass MFA and steal funds, especially across Spain and Italy. Keep your device updated and apps from official stores, and banks should adopt out‑of‑band confirmations and behavioral analytics to block these stealthy attacks.

SEO poisoning: Dangerous, Exclusive Threat to Windows
Search results are being weaponized: lookalike download pages boosted by SEO are tricking Chinese Windows users into installing trojanized installers carrying Hiddengh0st and Winos. Always grab updates from vendor channels, verify installer signatures, and be suspicious of search results that look “too convenient.”

GitHub Pages Risky SEO Attack — Exclusive Warning
Imagine downloading what looks like legitimate software only to find your PC compromised — attackers are using SEO tricks and GitHub Pages to push kkRAT to Chinese-speaking users by creating convincing fake download pages and hijacking search rankings. Fortinet warns this weaponized trust turns routine searches into infection vectors, so stick to vendor sites and double-check every download.

ConnectWise ScreenConnect Risky Exploit: Stunning AsyncRAT
Imagine your trusted remote-admin tool becoming the very doorway attackers use to steal credentials and siphon crypto—researchers found ConnectWise ScreenConnect sessions abused to run a fleshless, in-memory VBScript loader that dropped AsyncRAT to harvest keys, keystrokes, and wallets. Harden RMM access, monitor session scripts, and assume compromise—because when legitimate tooling is weaponized, detection needs to get smarter fast.

signed driver Dangerous: Stunning ValleyRAT Risk
Imagine a trusted vendor’s driver used as a battering ram—Silver Fox has been abusing Microsoft‑signed kernel drivers to slip past endpoint defenses and install the ValleyRAT backdoor for stealthy, long‑term access and data theft. Tighten driver policies, add kernel‑level telemetry, and vet supply chains before digital trust becomes the next attack surface.

Hook Android Trojan: Stunning Dangerous Ransomware Threat
A new Hook Android Trojan variant now combines banking fraud with ransomware-style lockouts, letting attackers both steal credentials and hold phones hostage. Millions of users should tighten app sources, review permissions, and keep backups as defenders scramble to catch up.

ERMAC v30 Exposed: Stunning Risky Banking Threat
A public leak of ERMAC v3.0’s source code has pulled back the curtain on a sharper, more widespread Android banking trojan—revealing both powerful theft techniques and the operators’ sloppy mistakes that could help investigators. It’s a stark reminder that transparency can empower defenders, but also risks giving other crooks a head start if we don’t act fast.

AsyncRAT Open Source Code Drives Global Rise in Malware Threats
What started as an open-source learning tool has turned into a global cyber threat, as AsyncRAT’s freely available code fuels a growing wave of malware attacks targeting everything from personal devices to critical infrastructure.

Cybercriminals Exploit SonicWall VPN Vulnerabilities for Credential Theft
Cybercriminals target SonicWall VPN vulnerabilities to steal credentials, compromising user security and accessing sensitive data. Stay informed and protected.

Remote Access Attacks Leveraging SonicWall NetExtender Trojan and ConnectWise Vulnerabilities
Explore how remote access attacks exploit SonicWall NetExtender Trojans and ConnectWise vulnerabilities, threatening cybersecurity integrity.

Over 200 Compromised GitHub Repositories Discovered in Attack on Gamers and Developers
Over 200 compromised GitHub repositories linked to a cyber attack targeting gamers and developers, raising security concerns in the tech community.

North Korean Cybercriminals Unleash Python Trojan Aimed at Cryptocurrency
North Korean hackers deploy a Python Trojan to target cryptocurrency, exploiting vulnerabilities for financial gain in the digital currency space.

Android Trojan Crocodilus Spreads Across 8 Countries, Targeting Banks and Crypto Wallets
Android Trojan Crocodilus is infecting devices in 8 countries, targeting banks and crypto wallets. Learn how to protect against this emerging threat.

New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers
New Windows RAT evades detection for weeks by exploiting corrupted DOS and PE headers, showcasing advanced stealth tactics against security measures.

RVTools
RVTools is a powerful, free reporting tool for VMware vSphere that delivers inventory insights, performance metrics, and system visualization for admins.

Fake KeePass password manager leads to ESXi ransomware attack
Fake KeePass password manager exploited to infect ESXi systems with ransomware, compromising virtual environments and risking server data.

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer
RVTools official site hacked—Trojanized installer now delivers Bumblebee malware. Learn the details and protect your systems today.

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
BianLian and RansomExx exploit an SAP NetWeaver flaw to deploy the PipeMagic Trojan, exposing key vulnerabilities and urging rapid security patches.

Android Spyware Masquerading as Alpine Quest App Aims at Russian Military Devices
Android spyware disguised as the Alpine Quest app targets Russian military devices, posing a significant security threat.