Orcus RAT Author Charged in Malware Scheme

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

More AgentTesla keylogger and Nanocore RAT in one bundle

We are seeing a continuation of even more AgentTesla malspam campaigns again this morning. However today’s is somewhat different to usual and also delivers a Nanocore RAT. Actually the Nanocore RAT is downloading the AgentTesla keylogger. And af…

multiple malware delivered from compromised website run on a domestic BT IP address

As I mentioned earlier in the week, we aren’t seeing massive amounts of malware, especially in the UK at the moment BUT we do see a steady lowish volume stream of commodity malware. These are the standard easy to purchase and use malware tools l…

nanocore RAT via fake order in password protected word doc with wrong password

I was sent a message via the submissions system last night with the email the victim received attached. At first glance it looked like the typical password protected word docs we see regularly pretending to be either an order, invoice or resume, that f…

Fake Bank Detail For Funds Transfer delivers info stealer malware

We have been in a bit of a lull with a quiet couple of weeks on the malware front in the UK, but that seems to have come to an end overnight and early this morning. Most of the malware are very common, well known versions of Lokibot, Hawkeye and a marg…

Fake Payment Receipt delivers Nanocore RAT malware

We frequently see this sort of generic Malicious Spam email with an office file attachment that acts as a downloader for all sorts of malware. Today’s example is an email with the subject of [Your Email Address] RE:Payment Receipt for your refere…