Trojan
PatchWork APT Hackers Expose Their Systems through Ragnatela RAT
Advanced Persistent Threat (APT) groups are among the most dangerous cybercrime organizations. They usually have state-of-the-art malware at their disposal and rely on very advanced attack mechanics to penetrate...
NginRAT Hides In Nginx Processes
Cybercriminals often rely on a combination of malicious implants, even if their features tend to overlap. This appears to be the strategy that the creators of the newly spotted NginRAT use. Copies of this malware were...
CetaRAT Trojan Uses Delayed Activation to Evade Security
The CetaRAT is a Remote Access Trojan (RAT) whose development and usage are attributed to an unknown Advanced Persistent Threat (APT) group. However, it is possible that the criminals behind it might be sharing tools...
Graphon Backdoor, Harvester APT's Primary Implant
The Graphon Backdoor is a malicious implant whose development and usage are attributed to the Harvester Advanced Persistent Threat (APT) actor. As the name of this cybercrime group hints, their focus is on harvesting...
Remove SillyRAT Malware
The SillyRAT Malware is a malicious application that was created by a developer who does not appear to be involved in cybercrime. The app, written in Python, is available on a public GitHub page, alongside its...
Nobelium APT Brings Out the Tomiris Backdoor Trojan
The Tomiris Backdoor Trojan is a new threat that appears to be in use by one or more Advanced Persistent Threat (APT) groups. Although there are significant similarities between the Tomiris Backdoor Trojan and malware...
SysJoker Backdoor Infects Windows, Mac, and Linux Systems
More and more cybercrime organizations are turning towards multi-platform malware. This means that they are developing threats that infiltrate not just the most popular operating system, Windows, but also Macs and...
CronRAT Targets Linux eCommerce Servers
Linux systems are becoming a frequent target of cyberattacks. Of course, UNIX-based systems are much more secure compared to Windows, and this is one reason why not all cybercriminals are able to develop and deploy such threats....
Remove Sabsik Trojan
The Sabsik Trojan is a unique detection name that multiple antivirus apps such as Windows Defender use to describe a potentially harmful file. Typically, Trojans of this type provide their operators with the ability...
The MysterySnail RAT Targets IT Companies and Defense Contractors
The MysterySnail RAT is a new piece of malware targeting Windows systems. It has been active since August 2021, and its operators are exploiting zero-day vulnerabilities in Microsoft Windows versions. The latest...
ShellClient Malware Targets Aerospace Industry Since 2018
ShellClient Malware is a newly discovered Remote Access Trojan that, however, has been in use for over two years. The criminals behind it are tracked under the alias MalKamak, and this particular campaign focuses on...
FoggyWeb Malware Used by the Nobelium APT Actors
One of the largest cybercrime campaigns of 2021 was the supply-chain attack against the SolarWinds software vendor. The group behind it, the Nobelium APT, is still active. They are developing different types of...
Nobelium APT Hackers Introduce the Ceeloader Malware
The Nobelium Advanced Persistent Threat (APT) actor is back with a new piece of malware called Ceeloader. The criminals who had a main role in the SolarWinds attack are one of the most renowned cybercrime groups to...
Suspected Malware-as-a-Service, RATDispenser, Delivers Trojans
Typically, Trojan Loaders focus on deploying one or two implants to the systems they compromise. However, what if there is a loader that is capable of unloading a wide range of payloads, depending on the attacker's...
FlawedGrace RAT Leads the Change in TA505's Latest Campaign
The FlawedGrace RAT is a new piece of malware that the TA505 Advanced Persistent Threat (APT) actors use. Previously, traces of this malware were spotted in the ServHelper campaign that the same gang was responsible...
BlackTech APT Uses the Gh0stTimes Malware
The Gh0stTimes Malware is an upgraded variant of a well-known Remote Access Trojan – the Gh0st RAT. Both of these threats have been involved in multiple attack campaigns of the BlackTech hacking group. Unfortunately,...
MalRhino Android Banking Trojan Active in Latin America
The MalRhino Android Banking Trojan is a project that shares some similarities with PixStealer. However, it goes after a broader range of targets and packs a larger number of features. While both threats are...
SparrowDoor Backdoor, a Custom Trojan by the FamousSparrow APT
The FamousSparrow Advanced Persistent Threat (APT) group is a fairly new name in the cybercrime field. Recently, their activities and campaigns have been observed closely by malware researchers, and the first implant...