Analysis of Redline Infostealer Campaign
Redline Stealer is a highly effective form of malware that is designed to steal sensitive information from infected systems. It was first discovered in 2018 that it can cause significant harm to...
AsyncRAT (Asynchronous Remote Access Trojan) is an open source remote administration malware that enables an attacker to take control of a victim’s computer. It is a powerful tool that allows the attacker to perform various malicious activities, such as stealing sensitive data, executing arbitrary code, aside from controlling the victim’s computer. Its payload files were written in .NET and can be easily customised by the attacker to achieve their targets. The malware is usually spread through phishing emails or by exploiting vulnerabilities in software or operating systems. Also, the malware uses asynchronous communication to evade detection.
Threat actors who are able to effectively exploit the CVE-2022-30190 (MSDT Dogwalk) vulnerability can run arbitrary code and introduce new processes into the system. LMNTRIX CDC has observed, threat actors utilising this vulnerability to infect consumers and businesses in both North America and Europe with backdoors and remote access tools such as AsyncRAT, Qakbot, and other malware families.
Redline Stealer is a highly effective form of malware that is designed to steal sensitive information from infected systems. It was first discovered in 2018 that it can cause significant harm to...
Agent Tesla is a password-stealer and remote access trojan that collects information about the actions of its victims by eavesdropping on keystrokes and user interactions. It is marketed as...
AsyncRAT (Asynchronous Remote Access Trojan) is an open source remote administration malware that enables an attacker to take control of a victim's computer. It is a powerful tool that allows the...
In the previous post, we have seen the Agent Tesla malware has infected its victims by using .PS1 Powershell script to invoke the web request from the Blacklisted IPs. Agent Tesla’s successful...
Cobalt Strike is a popular penetration testing tool that allows users to emulate advanced threats, perform reconnaissance, hide communications, escalate privileges, move laterally across the...
Qakbot (aka Qbot or Pinkslipbot) is a banking trojan, which steals sensitive data from the targeted victims and attempts to self-propagate to other systems on the network. As we all know,...
QuasarRAT (aka: CinaRAT, Yggdrasil) is a well-known open-source remote access trojan (RAT) that has been widely spread in the wild which is developed using the C# programming language and also as...
Remcos RAT, also known as Remote Control and Surveillance RAT, is a remote access Trojan (RAT) that enables attackers to take control and get unauthorised access to a victim's computer. Malicious...
Lorenz is a human operated ransomware group that targets global organizations. To pressurize the victim, the malware operator threatens the user to leak data online if the ransom is not paid. The...
Qakbot (aka Qbot or Pinkslipbot) is a banking trojan, which steals sensitive data from the targeted victims and attempts to self-propagate to other systems on the network. As we all know,...