Escanor Remote Access Trojan in action
A new RAT has been seen on the dark web weaponizing Microsoft Office and Adobe PDF documents to deliver malicious code, dubbed Escanor. The threat actors offer Android-based and PC-based…
DarkTortilla Malware enhances sophistication
Researchers has warned of a sophisticated, evasive crypter that several threat actors are using to distribute a range of information stealers and RATs. Dubbed as DarkTortilla, a .NET-based crypter can…
ZuoRAT targets SOHO routers
Researchers have discovered a remote access Trojan currently being used against a wide range of small office-home office (SOHO) routers in Europe and North America potentially the work of a…
BORAT – Remote Access Trojan
Researchers have discovered a new RAT, named Borat, that enables operators to gain full access and remote control of an infected system. Unlike other RATs, the Borat RAT provides Ransomware…
DTPacker Lures With Liverpool Football Club
A new .NET malware packer being used to deliver a variety of RATs and infostealers has a fixed password named after Donald Trump, giving the new find its name, DTPacker.…
STRRAT Indulge in Phishing Campaign
A new phishing campaign using fake shipping delivery impersonating Maersk shipping lures installs the STRRAT remote access trojan on unsuspecting victim's devices. The macro code that runs fetches the STRRAT malware onto…
Patchwork APT !
Patchwork is an Indian threat actor that has been active since December 2015 and usually targets Pakistan via spear phishing attacks. Patchwork has used malicious RTF files to drop a variant…
DarkWatchman RAT
A new JavaScript based RAT dubbed DarkWatchman propagated via a social engineering campaign has been observed employing sneaky "fileless" techniques as part of its detection evasion methods to elude discovery…