Tag: remote access trojan
Two Individuals Linked to “Hive RAT” Arrested – April 16th
The U.S. Department of Justice (DoJ) announced the arrest of two individuals in Australia for their ties to the "Hive RAT" remote access trojan (RAT). The two arrested individuals are suspected of being behind the distribution of the RAT, as found on the ‘Hack Forums’ cybercrime forum.
Chinese ‘Earth Krahang’ Group Compromised 70 Organizations – March 20th
Trend Micro reported on an advanced persistent threat actor linked to the Chinese government called ‘Earth Krahang’, compromising over 70 organizations, with a focus on governments. Focusing on cyber espionage, 'Earth Krahang' and its attacks target government agencies, affecting 48 government organizations across Asia, the Americas, Europe, and Africa.
Skype, Google Meet, and Zoom were used in the New Trojan Campaign – March 7th
Zscaler discovered a new remote access trojan (RAT) campaign that lures victims through fake online meeting links. Once the victims are lured into downloading the RAT through the meeting links impersonating Skype, Google Meet, and Zoom, the RAT payload may enable threat actors to steal sensitive information.
UK Claims e-Visas to be an ‘Enhanced Security’ Measure – February 12th
In the UK's move to phase out physical immigration documents by 2025, the UK’s Home Office claims the implementation of e-Visas to be not only for convenience and cost safety but also for 'enhanced security'. Although not much information is known on the newly implemented e-visa, the UK Home Office claims the e-visa to be securely linked with biometric information for enhanced security measures.
Chinese Malware Breaches Dutch Defense Department – February 7th
Specialists from the Netherlands' Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) announced a Chinese nation-state-sponsored malware 'Coathanger' and its breach on the Dutch Ministry of Defense (MoD). The stealthy 'Coathanger' malware's code revealed a remote access trojan (RAT) specifically built to infiltrate Fortinet's FortiGate firewalls through the 'CVE-2022-42475' vulnerability, which resulted in stolen user account credentials from the Dutch MoD's servers.
Turkish Cyber Espionage Group Targeting Dutch Orgs – January 9th
Hunt & Hackett uncovered information on “Sea Turtle”, a Turkish-affiliated cyber espionage group that shifted focus to target Netherlands-based organizations. "Sea Turtle" was found to launch politically motivated evasive info-stealing campaigns targeting Dutch government, telco, media, and NGO organizations.