Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack

By Waqas
FortiGuard Labs Reveals Insights into Recent Surge of Cyberattacks Utilizing Rust Programming Language.
This is a post from HackRead.com.

[SANS ISC] Deobfuscation of Malware Delivered Through a .bat File

Today, I published the following diary on isc.sans.edu: “Deobfuscation of Malware Delivered Through a .bat File”: I found a phishing email that delivered a RAR archive (password protected). Inside the archive, there was a simple .bat file (SHA256: 57ebd5a707eb69dd719d461e1fbd14f98a42c6c3dcb8505e4669c55762810e70) with the following name: “SRI DISTRITAL – DPTO DE COBRO -SRI

The post [SANS ISC] Deobfuscation of Malware Delivered Through a .bat File appeared first on /dev/random.

Attackers Try to Deploy Remcos Malware with COVID-19-related Messages

A new phishing campaign targeting U.S. users is trying to deploy Remcos, a powerful trojan that allows an attacker to gain full control of a victim’s computer, according to research from Microsoft Security Intelligence. A multitude of phishing an…

Attack Campaign Leveraged Coronavirus Theme to Deliver Remcos RAT

Security researchers discovered an attack campaign that abused fears surrounding the global coronavirus outbreak to deliver the Remcos RAT. Yoroi Security detected the attack campaign when its threat intelligence activities uncovered a suspicious artif…

Talos: Remcos software is a surveillance tool posing as legitimate software

U.S. law enforcement has been alerted to the use of the Remcos RAT in multiple global hacking campaigns, according to Cisco’s Talos Security Intelligence and Research Group. The ads say Remcos Remote Access Tool is legal IT management software. But the RAT allows a user to sneak malware by security products and then secretly surveil a targeted computer. Remcos itself is sold by a German-registered company, Breaking Security, that markets it as a legitimate way to remotely access computers. However, the software has been spotted in hacking campaigns targeting defense contractors in Turkey, news agencies, diesel equipment manufacturers, airlines and energy sector companies. “What we found here is a piece of software being used by bad guys in a lot of different places,” Cisco Talos director Craig Williams told CyberScoop. “They sell a crypter attempting to make the malware undetectable, a keylogger payload, a mass mailer to mail it out and they even have […]

The post Talos: Remcos software is a surveillance tool posing as legitimate software appeared first on Cyberscoop.

Two New Edge Exploits Integrated into Sundown Exploit Kit

Two recently published proof-of-concept exploits targeting Microsoft Edge were recently integrated into the Sundown Exploit Kit.