CyberNews Briefs

OceanLotus APT Uses New Ratsnif Trojan for Network Attacks

Researchers with Blackberry Cylance recently studied four variants of the Ratsnif remote access Trojan used by Vietnamese advanced persistent threat (APT) group OceanLotus  (aka APT32, CobaltKitty, SeaLotus, and APT-C-00).

The research shows that OceanLotus is continuously adding new capabilities to Ratsnif. The relatively unknown Trojan, which is used by OceanLotus for cyber espionage purposes, is now capable of modifying web pages, SSL hijacking, packet sniffing, ARP poisoning, DNS and MAC spoofing and setting up remote shell access.

Read more: OceanLotus APT Uses New Ratsnif Trojan for Network Attacks

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.