18 May 2020

RATicate Group Hits Industrial Firms With Revolving Payloads

According to researchers, a new threat group called RATicate is targeting industrial companies with revolving payloads and is behind several malspam attacks against companies such as LokiBot, Agent Tesla, Netwire, FormBook, and BetaBot. Researchers have attributed at least six separate campaigns to the group, with the first starting in November

Read More
07 May 2020

Lazarus Group Hides macOS Spyware in 2FA Application

Lazarus Group, a cyberthreat group with known links to North Korea, has added a new variant of the Dacls remote-access trojan (RAT) that specifically targets the macOS operating system. The Dacls RAT has been created from an existing Linux version and was first discovered last December when it targeted Windows

Read More
18 Mar 2020

Coronavirus-Themed APT Attack Spreads Malware

An advanced persistent threat (APT) group has been leveraging the current pandemic to spread new malware deemed “Vicious Panda.” Security researchers stated that they had identified two suspicious Rich Text Format files targeting the Mongolian public sector. The RTF files execute a unique remote access trojan that takes screenshots of

Read More
08 Jan 2020

UK Man Jailed for Using RAT to Spy on Women

A UK man named Scott Cowley was sentenced to jail in Liverpool Crown Court earlier this week after pleading guilty to violating the UK Computer Misuse Act and Sexual Offences Act. Cowley used a Remote Access Trojan (RAT) to spy on various women via their webcams. RAT, notorious for its

Read More
08 Nov 2019

You’ve got malware: Malicious actors are waiting in your inbox

A new report by Proofpoint looks at the email threat landscape in Q3 of this year. It shows that message containing malicious URLs now make up 88% of email-based threats. The overall volume of messages designed to get users to interact with nefarious URLs or attachments fell by 40% compared

Read More
02 Oct 2019

New Adwind RAT Variant Used Against the US Petroleum Sector

Security researchers with Netskope have uncovered a sophisticated malware campaign targeting firms in the US petroleum industry. Companies in the sector are receiving malicious phishing messages that trigger the download of a new variant of the Adwind Remote Access Trojan (RAT). Adwind is also known as jRAT, AlienSpy, JSocket, and

Read More