NukeSped Copies Fileless Code From Bundlore, Leaves It Unused

While investigating samples of NukeSped, a remote access trojan (RAT), Trend Micro came across several Bundlore adware samples using the same fileless routine that was spotted in NukeSped. The backdoor has been attributed to the cybercriminal group Lazarus, which has Read More …

New Android malware targeting banks in Italy, Spain, Germany, Belgium, and the Netherlands

A new Android trojan has been identified by security researchers, who said on Monday that once it is successfully installed in the victim’s device, those behind it can obtain a live stream of the device screen and also interact with Read More …

Meet Janeleiro: a new banking Trojan striking company, government targets

A banking Trojan striking corporate targets across Brazil has been unmasked by researchers. On Tuesday, ESET published an advisory on the malware, which has been in development since 2018. Dubbed Janeleiro, the Trojan appears to be focused on Brazil as Read More …

Compromised Website Images Camouflage ObliqueRAT Malware

The ObliqueRAT malware is now cloaking its payloads as seemingly-innocent image files that are hidden on compromised websites. The remote access trojan (RAT), which has been operating since 2019, spreads via emails, which have malicious Microsoft Office documents attached. Previously, Read More …

Adversary Infrastructure Report 2020: A Defender’s View

Recorded Future tracks the creation and modification of new malicious infrastructure for a multitude of post-exploitation toolkits, custom malware frameworks, and open-source remote access trojans. The effort has been ongoing since 2017, when Insikt Group created methodologies to identify the Read More …

This ‘off the shelf’ Tor backdoor malware is now a firm favorite with ransomware operators

A Remote Access Trojan (RAT) on sale in underground forums has evolved to abuse Tor when maintaining persistence on infected machines. On Thursday, Sophos Labs’ Sivagnanam Gn and Sean Gallagher revealed ongoing research into the malware, which has been in Read More …