Trojan


PatchWork APT Hackers Expose Their Systems through Ragnatela RAT

Advanced Persistent Threat (APT) groups are among the most dangerous cybercrime organizations. They usually have state-of-the-art malware at their disposal, and rely on very advanced attack mechanics to penetrate... Read more

January 17, 2022

NginRAT Hides In Nginx Processes

Cybercriminals often rely on a combination of malicious implants, even if their features tend to overlap. This appears to be the strategy that the creators of the newly spotted NginRAT use. Copies of this malware were... Read more

December 3, 2021

CetaRAT Trojan Uses Delayed Activation to Evade Security

The CetaRAT is a Remote Access Trojan (RAT) whose development and usage are attributed to an unknown Advanced Persistent Threat (APT) group. However, it is possible that the criminals behind it might be sharing tools... Read more

November 4, 2021

Graphon Backdoor, Harvester APT's Primary Implant

The Graphon Backdoor is a malicious implant whose development and usage are attributed to the Harvester Advanced Persistent Threat (APT) actor. As the name of this cybercrime group hints, their focus is on harvesting... Read more

October 19, 2021

Remove SillyRAT Malware

The SillyRAT Malware is a malicious application, which was created by a developer who does not appear to be involved in cybercrime. The app, written in Python, is available on a public GitHub page, alongside its... Read more

October 13, 2021

Nobelium APT Brings Out the Tomiris Backdoor Trojan

The Tomiris Backdoor Trojan is a new threat that appears to be in use by one or more Advanced Persistent Threat (APT) groups. Although there are significant similarities between the Tomiris Backdoor Trojan and malware... Read more

September 30, 2021

SysJoker Backdoor Infects Windows, Mac, and Linux Systems

More and more cybercrime organizations are turning towards multi-platform malware. This means that they are developing threats that infiltrate not just the most popular operating system, Windows, but also Macs and... Read more

January 12, 2022

CronRAT Targets Linux eCommerce Servers

Linux systems are becoming a frequent target of cyberattacks. Of course, UNIX-based systems are much more secure compared to Windows, and this is one reason not all cybercriminals are able to develop and deploy such threats.... Read more

November 29, 2021

Remove Sabsik Trojan

The Sabsik Trojan is a unique detection name that multiple antivirus apps such as Windows Defender use to describe a potentially harmful file. Typically, Trojans of this type provide their operators with the ability... Read more

October 29, 2021

The MysterySnail RAT Targets IT Companies and Defense Contractors

The MysterySnail RAT is a new piece of malware targeting Windows systems. It has been active since August 2021, and its operators are exploiting zero-day vulnerabilities in Microsoft Windows versions. The latest... Read more

October 15, 2021

ShellClient Malware Targets Aerospace Industry Since 2018

ShellClient Malware is a newly discovered Remote Access Trojan that, however, has been in use for over two years. The criminals behind it are tracked under the alias MalKamak, and this particular campaign focuses on... Read more

October 7, 2021

FoggyWeb Malware Used by the Nobelium APT Actors

One of the largest cybercrime campaigns of 2021 was the supply-chain attack against the SolarWinds software vendor. The group behind it, the Nobelium APT, is still active. They are developing different types of... Read more

September 28, 2021

Nobelium APT Hackers Introduce the Ceeloader Malware

The Nobelium Advanced Persistent Threat (APT) actor is back with a new piece of malware called Ceeloader. The criminals who had a main role in the SolarWinds attack are one of the most renowned cybercrime groups to... Read more

December 7, 2021

Suspected Malware-as-a-Service, RATDispenser, Delivers Trojans

Typically, Trojan Loaders focus on deploying one or two implants to the systems they compromise. However, what if there is a loader that is capable of unloading a wide range of payloads, depending on the attacker's... Read more

November 24, 2021

FlawedGrace RAT Leads the Change in TA505's Latest Campaign

The FlawedGrace RAT is a new piece of malware that the TA505 Advanced Persistent Threat (APT) actors use. Previously, traces of this malware were spotted in the ServHelper campaign that the same gang was responsible... Read more

October 21, 2021

BlackTech APT Uses the Gh0stTimes Malware

The Gh0stTimes Malware is an upgraded variant of a well-known Remote Access Trojan – the Gh0st RAT. Both of these threats have been involved in multiple attack campaigns of the BlackTech hacking group. Unfortunately,... Read more

October 13, 2021

MalRhino Android Banking Trojan Active in Latin America

The MalRhino Android Banking Trojan is a project, which shares some similarities with PixStealer. However, it goes after a broader range of targets, and packs a larger number of features. While both threats are... Read more

October 5, 2021

SparrowDoor Backdoor, a Custom Trojan by the FamousSparrow APT

The FamousSparrow Advanced Persistent Threat (APT) group is a fairly new name in the cybercrime field. Recently, their activities and campaigns have been observed closely by malware researchers, and the first implant... Read more

September 27, 2021