Related Families: AsyncRAT
Verticals Targeted: Consumer Services
DcRAT Distributed Via Adult Content Themed Lures
Jun 26, 2023 1:57:42 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Infostealer, RAT, DcRAT, AsyncRAT
Related Families: AhMyth
Executive Summary
AhRAT, an Android RAT, was disguised as the iRecorder app. This malicious version of the iRecorder app is capable of recording audio and exfiltrating files from a victim’s device.
PingPull Linux Variant
May 8, 2023 3:05:38 PM / by The Hivemind posted in Threat Bulletin, Espionage, China, PingPull, Gallium, RAT, Sword2033
Related Families: Sword2033
Executive Summary
China nexus threat actor group Gallium was recently observed using a new Linux variant of PingPull in an espionage campaign.
SysUpdate Linux Variant
Mar 14, 2023 3:30:50 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Linux, RAT, Trojan, SysUpdate, Iron Tiger, Emissary Panda, APT27
Verticals Targeted: Gambling
Executive Summary
Trend Micro recently reported on a new Linux variant of Emissary Panda’s SysUpdate. SysUpdate is one of Emissary Panda’s custom tools.
Parallax RAT Targeting Crypto
Mar 7, 2023 11:36:09 AM / by The Hivemind posted in Threat Bulletin, Cryptocurrency, RAT, Parallax, ParallaxRat
Verticals Targeted: Cryptocurrency, DeFi, Finance
Executive Summary
Uptycs recently reported on activity in which threat actors used Parallax RAT to target entities in the cryptocurrency sector.
Hook Android Banking Trojan
Jan 31, 2023 12:25:40 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, RAT, Trojan, Hook, Ermac, DukeEugene
Related Families: Ermac
Verticals Targeted: Financial
Executive Summary
Threat Fabric recently reported on Hook, an Android banking trojan that is a fork of Ermac.
Woody RAT Targets Russia
Aug 15, 2022 2:18:29 PM / by PolySwarm Tech Team posted in Russia, Threat Bulletin, Woody RAT, RAT
Executive Summary
Malwarebytes recently reported on Woody RAT, a RAT being used to target entities in Russia.