Stealthy StilachiRAT steals data, may enable lateral movement

While still not widely distributed, a new Windows remote access trojan (RAT) dubbed StilachiRAT is a serious threat. “[The malware] demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensit…

Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps

What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee’s actions led to chaos and raise urgent questions about the security of cultural trea…

Law enforcement action deletes PlugX malware from thousands of machines

The remote access trojan was being used by a Chinese collective operating since 2014.

The post Law enforcement action deletes PlugX malware from thousands of machines appeared first on CyberScoop.

Ransomware gang targets IT workers with new RAT masquerading as IP scanner

Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan (RAT). “The malware, named SharpRhino due to its use of the C# programming language, is delivered through a typosquatting domain impersonating the legitim…

20,000 FortiGate appliances compromised by Chinese hackers

Coathanger – a piece of malware specifically built to persist on Fortinet’s FortiGate appliances – may still be lurking on too many devices deployed worldwide. How Coathanger persists on FortiGate devices In February 2024, the Dutch Militar…

US organizations targeted with emails delivering NetSupport RAT

Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection evasion method. The malware campaign The campaign, dubbed PhantomBlu, takes t…

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware

Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024…

Booking.com refund request? It might be an Agent Tesla malware attack

Always be wary of opening unsolicited attachments – they might harbour malware.

That’s a message that is being strongly underlined once again, following the discovery of a cybercrime campaign that is sending out poisoned PDF files – pretending they …

Chinese hackers breached Dutch Ministry of Defense

Chinese state-sponsored hackers breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor. “The effects of the intrusion were limited because the victim network was se…