remote-access Trojan – WindowsTechs.com

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware

Posted on March 21, 2024 by Helga Labus

Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024… Continue reading Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware→

Growing AceCryptor attacks in Europe

Posted on March 20, 2024 by Help Net Security

ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023. In recent months, researchers registered a significant change in how AceCryptor is used, namely that the att… Continue reading Growing AceCryptor attacks in Europe→

Booking.com refund request? It might be an Agent Tesla malware attack

Posted on February 26, 2024 by Graham Cluley

Always be wary of opening unsolicited attachments – they might harbour malware.

That’s a message that is being strongly underlined once again, following the discovery of a cybercrime campaign that is sending out poisoned PDF files – pretending they … Continue reading Booking.com refund request? It might be an Agent Tesla malware attack→

Chinese hackers breached Dutch Ministry of Defense

Posted on February 7, 2024 by Helga Labus

Chinese state-sponsored hackers have breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor. “The effects of the intrusion were limited because the victim network was se… Continue reading Chinese hackers breached Dutch Ministry of Defense→

Researchers uncover DarkGate malware’s Vietnamese connection

Posted on October 20, 2023 by Help Net Security

WithSecure researchers have tracked attacks using DarkGate malware to an active cluster of cybercriminals operating out of Vietnam. DarkGate is a remote access trojan (RAT) that has been used in attacks since at least 2018 and is currently available to… Continue reading Researchers uncover DarkGate malware’s Vietnamese connection→

Fake Bitwarden installation packages delivered RAT to Windows users

Posted on September 27, 2023 by Helga Labus

Windows users looking to install the Bitwarden password manager may have inadvertently installed a remote access trojan (RAT). The ZenRAT malware A malicious website spoofing Bitwarden’s legitimate one (located at bitwariden[.]com) has been offer… Continue reading Fake Bitwarden installation packages delivered RAT to Windows users→

Attackers can turn AWS SSM agents into remote access trojans

Posted on August 2, 2023 by Zeljka Zorz

Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual servers), as well as to non-EC2 machines (e.g., on-premises enterprise servers… Continue reading Attackers can turn AWS SSM agents into remote access trojans→

Alleged seller of NetWire RAT arrested in Croatia

Posted on March 10, 2023 by Help Net Security

This week, as part of a global law enforcement operation, federal authorities in Los Angeles successfully confiscated www.worldwiredlabs.com, a domain utilized by cybercriminals to distribute the NetWire remote access trojan (RAT) allowed perpetrators … Continue reading Alleged seller of NetWire RAT arrested in Croatia→

Business-grade routers compromised in low-key attack campaign

Posted on March 6, 2023 by Zeljka Zorz

An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin and North America, equipping them with a remote access trojan (dubbed HiatusRAT) and a packet capturing program. “The impacted models are high-band… Continue reading Business-grade routers compromised in low-key attack campaign→