Topic: remote access trojan

  • LinkedIn Phishing Attack Uses Pen Testing Tool to Target Executives

    A sophisticated phishing campaign targets business leaders and IT professionals via LinkedIn, using industry-specific lures to build false trust and deliver malicious links. The attack deploys a Remote Access Trojan (RAT) by abusing a legitimate PDF reader through DLL sideloading, which complicat...

  • Chrome Extension Backdoor Disguised as Fake Crash Alerts

    The malicious "NexShield" browser extension, a copy of a legitimate ad blocker, uses social engineering to trick users into running a harmful PowerShell command, deploying a remote access trojan that specifically targets corporate domain-joined computers. A separate, coordinated campaign involved...

  • Fake Windows BSOD Screens Deliver ClickFix Malware

    A sophisticated phishing campaign targets the European hospitality industry by impersonating Booking.com, using a fake website and a fabricated Windows Blue Screen of Death error to trick users into manually installing malware. The attack deploys the DCRAT remote access trojan, which gains persis...

  • Malicious Solidity VSCode Extension Backdoors Developers

    SleepyDuck malware disguised as a Solidity extension in the Open VSX registry has been downloaded over 53,000 times, targeting developers using AI-driven IDEs like Cursor and Windsurf. It uses an Ethereum smart contract for command-and-control, ensuring persistence by retrieving instructions from...

  • New Atroposia RAT Emerges on Dark Web

    Atroposia is a newly discovered remote access trojan sold on dark web marketplaces, offering encrypted remote control, credential theft, and cryptocurrency wallet data extraction. The malware is modular and integrates with tools like SpamGPT for AI-driven phishing campaigns and MatrixPDF for weap...

  • Atroposia Malware Now Scans for Local Vulnerabilities

    Atroposia is a malware-as-a-service platform offering a modular remote access trojan for $200 per month, featuring stealthy remote control, data theft, and a local vulnerability scanner to aid cybercriminals. Its capabilities include hidden remote desktop sessions, file manipulation, credential a...

  • North Korean Lazarus Hackers Target European Defense Firms

    North Korea's Lazarus hacking group targeted European UAV defense firms through a deceptive recruitment campaign called Operation DreamJob, aiming to steal military drone technology. The attackers used trojanized applications and DLL sideloading to deploy the ScoringMathTea RAT, granting extensiv...

  • PhantomCaptcha Cyberattack Hits Ukraine Aid Groups

    The PhantomCaptcha phishing campaign targeted humanitarian and government aid organizations for Ukraine by impersonating the Ukrainian President's Office and distributing malware via deceptive PDF attachments. Attackers used a multi-stage malware process involving a downloader script, reconnaissa...

  • ShadowV2 Botnet: The Alarming Rise of DDoS-for-Hire

    A new botnet called ShadowV2 uses cloud tools like GitHub Codespaces and Docker to deploy malware that launches powerful DDoS attacks, targeting vulnerable cloud infrastructure. The operation functions as a sophisticated cybercrime-as-a-service platform, featuring a professional API, user managem...
