Over 5 years ago, we began tracking a new campaign that we called FakeUpdates (also known as SocGholish) that used compromised…
Tag: rat
Malware creator who compromised 10,000 computers arrested
The creator of a Remote Access Trojan (RAT), responsible for compromising more than 10,000 computers, has been arrested by law enforcement…
Woody RAT: A new feature-rich malware spotted in the wild
This blog post was authored by Ankur Saini and Hossein Jazi. The Malwarebytes Threat Intelligence team has identified a new Remote…
China’s Tonto Team increases espionage activities against Russia
According to analyses of several cybersecurity firms and CERT (Computer Emergency Response Team) Ukraine (CERT-UA), the state-sponsored threat actor group Tonto…
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis
This blog post was authored by Hossein Jazi and Jérôme Segura. Populations around the world—and in Europe in particular—are following the…
New spear phishing campaign targets Russian dissidents
This blog post was authored by Hossein Jazi. — Updated to clarify the two different campaigns (Cobalt Strike and Rat) Several…
Gh0stCringe RAT makes database servers squeal for protection
Researchers have found that the Gh0stCringe RAT is infecting Microsoft SQL and MySQL, and seems to focus on servers with weak…
KONNI evolves into stealthier RAT
This blog post was authored by Roberto Santos. KONNI is a Remote Administration Tool that has been used for at least…
Patchwork APT caught in its own web
Patchwork is an Indian threat actor that has been active since December 2015 and usually targets Pakistan via spear phishing attacks….
SoNot SoSafe: Android malware disguises itself as secure messaging app
If you haven’t heard of SoSafe Chat, you will now. This Android app, purported as a secure messaging application that uses…