remote administration tool – Computer Security Articles

APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT

March 17, 2020 admin APT, apt36, coronavirus, coronavirus malware, covid-19, credential stealer, crimson rat, exploit, Exploits, info-stealer, macro, malicious macro, malware, nation-state attack, Rat, remote administration tool, Social engineering, spear phishing, spear phishing attack, Threat analysis, transparent tribe

Credit to Author: Threat Intelligence Team| Date: Mon, 16 Mar 2020 15:00:00 +0000

We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.

Categories:

Threat analysis

Tags: APT APT36 coronavirus coronavirus malware covid-19 credential stealer crimson rat exploit exploits info-stealer macro malicious macro malware nation-state attack rat remote administration tool Social Engineering spear phishing spear phishing attack transparent tribe

MalwareBytes Security

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

September 26, 2018 admin anti exploit, CVE-2018-8174, CVE-2018-8373, exploit, Exploits, Indicators of compromise, IOC, IOCs, Pastebin, patch, quasar, Rat, remote administration tool, Threat analysis, virustotal, vulnerabilities, Vulnerability

Credit to Author: Jérôme Segura| Date: Wed, 26 Sep 2018 17:13:26 +0000

A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.

Categories:

Tags: anti exploit CVE-2018-8174 CVE-2018-8373 exploit Indicators of compromise IOC IOCs pastebin patch Quasar rat remote administration tool virustotal vulnerabilities vulnerability

MalwareBytes Security

Fake IRS notice delivers customized spying tool

September 21, 2017 admin CP2000, CVE-2017-0199, doc, exploit, irs, malspam, malware, office, phishing, Rat, remote administration tool, RMS, spy, Threat analysis, Word

Credit to Author: Jérôme Segura| Date: Thu, 21 Sep 2017 15:00:24 +0000

Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT).

Categories:

Tags: CP2000 CVE-2017-0199 doc exploit IRS malspam malware Office phishing rat remote administration tool RMS spy word

(Read more…)

The post Fake IRS notice delivers customized spying tool appeared first on Malwarebytes Labs.

Independent Krebs

Dual-Use Software Criminal Case Not So Novel

April 4, 2017 admin Aeonhack, Allison Nixon, Blackshades RAT, Blackshades trojan, Electronic Frontier Foundation, FBI, Flashpoint, Hackforums, justice department, Kevin Poulsen, Limitless Keylogger, Mark Rumold, Mephobia, NanoCore, Net Seal, Other, Rat, remote access trojan, remote administration tool, Taylor Huddleston, TeamViewer and VNC, The Daily Beast, wired, Zachary Shames

Credit to Author: BrianKrebs| Date: Tue, 04 Apr 2017 18:41:33 +0000

“He built a piece of software. That tool was pirated and abused by hackers. Now the feds want him to pay for the computer crooks’ crimes.” The above snippet is the subhead of a story published last month by the Daily Beast titled “FBI Arrests Hacker Who Hacked No One.” The subject of that piece — a 26-year-old American named Taylor Huddleston — faces felony hacking charges connected to two computer programs he authored and sold: An anti-piracy product called Net Seal, and a Remote Administration Tool (RAT) called NanoCore that he says was a benign program designed to help users remotely administer their computers. The author of the Daily Beast story, former black hat hacker and Wired.com editor Kevin Poulsen, argues that Huddelston’s case “raises a novel question: When is a programmer criminally responsible for the actions of his users? Some experts say [the case] could have far reaching implications for developers, particularly those working on new technologies that criminals might adopt in unforeseeable ways.” But a closer look at the government’s side of the story — as well as public postings left behind by the accused and his alleged accomplices — paints a more complex and nuanced picture that suggests this may not be the case to raise that legal question in a meaningful way.