#remote-access-trojan

[ follow ]
#cybersecurity #malware #phishing #data-theft #android-malware #supply-chain-attack #ransomware #npm #clickfix
#cybersecurity
Python
fromThe Hacker News
10 months ago

Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times

A malicious PyPI package named discordpydebug disguises itself as a Discord utility while incorporating a remote access trojan.
Roam Research
fromThe Hacker News
5 days ago

GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data

A new evolution of the GlassWorm campaign enables comprehensive data theft and installs a remote access trojan disguised as a Google Docs extension.
more#cybersecurity
Information security
fromThe Hacker News
3 weeks ago

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

A malicious npm package impersonating OpenClaw deploys a remote access trojan and steals sensitive data including credentials, crypto wallets, SSH keys, and browser data from infected systems.
Web frameworks
fromThe Hacker News
3 weeks ago

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist PHP packages disguised as Laravel utilities distribute a cross-platform remote access trojan enabling full system compromise on Windows, macOS, and Linux.
Information security
fromTheregister
1 month ago

Double whammy: Steaelite RAT bundles data theft, ransomware

Steaelite, a new remote access trojan sold on cybercrime networks, enables double extortion attacks on Windows machines through ransomware, data theft, credential stealing, and live surveillance controlled via a centralized browser-based dashboard.
fromThe Hacker News
1 month ago

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

The campaign exploits recent geopolitical developments to lure victims into opening malicious .LNK files disguised as protest-related images or videos, researchers Subhajeet Singha, Eliad Kimhy, and Darrel Virtusio said in a report published this week. These files are bundled with authentic media and a Farsi-language report providing updates from 'the rebellious cities of Iran.' This pro- protest framing appears to be intended to increase credibility and to attract Farsi-speaking Iranians seeking protest-related information.
Information security
Information security
fromThe Hacker News
1 month ago

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Attackers compromised dYdX client packages on npm and PyPI to distribute malicious releases that steal wallet credentials and install a remote access trojan.
#android-malware
more#android-malware
Information security
fromZDNET
2 months ago

Watch out for this fake Windows BSOD - it's actually malware

Cybercriminals use fake BSODs, ClickFix social engineering, and fake CAPTCHAs to trick hospitality workers into running a Russian-linked RAT that enables remote PC takeover.
#phishing
more#phishing
Information security
fromThe Hacker News
3 months ago

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

React2Shell is exploited to deploy stealthy remote-access malware such as KSwapDoor and ZnDoor, enabling encrypted mesh communications, command execution, and file operations.
fromThe Hacker News
3 months ago

Fake OSINT and GPT Utility GitHub Repos Spread PyStoreRAT Malware Payloads

Cybersecurity researchers are calling attention to a new campaign that's leveraging GitHub-hosted Python repositories to distribute a previously undocumented JavaScript-based Remote Access Trojan (RAT) dubbed PyStoreRAT. "These repositories, often themed as development utilities or OSINT tools, contain only a few lines of code responsible for silently downloading a remote HTA file and executing it via 'mshta.exe,'" Morphisec researcher Yonatan Edri said in a report shared with The Hacker News.
Information security
Information security
fromThe Hacker News
5 months ago

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

A coordinated spear-phishing campaign named PhantomCaptcha used fake Zoom and Cloudflare CAPTCHA pages to deliver a WebSocket-based remote access trojan to Ukraine-related organizations.
Information security
fromSecurityWeek
6 months ago

Threat Actor Infests Hotels With New RAT

RevengeHotels targets hotels to steal guest credit card data via phishing-delivered RATs, adding AI-generated loaders and VenomRAT to achieve persistent access.
fromThe Hacker News
6 months ago

TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations

Available in both Python and C variants, CastleRAT's core functionality consists of collecting system information, downloading and executing additional payloads, and executing commands via CMD and PowerShell," Recorded Future Insikt Group said.
Information security
Node JS
fromIT Pro
9 months ago

Developers beware: Malware has been found in a dozen popular NPM packages - here's what you need to know

Over a dozen NPM packages have been compromised, delivering malware that allows attackers to control infected machines.
Node JS
fromBleepingComputer
10 months ago

Interlock ransomware gang deploys new NodeSnake RAT on universities

Interlock gang deploys NodeSnake RAT against educational institutions, showcasing evolving malware threats.
[ Load more ]