Remote Access Trojan – Experimental News Clipping Site

Unit 42: Fix the Click: Preventing the ClickFix Attack Vector

Jul 10, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/preventing-clickfix-attack-vector/ Source: Unit 42 Title: Fix the Click: Preventing the ClickFix Attack Vector Feedly Summary: ClickFix campaigns are on the rise. We highlight three that distributed NetSupport RAT, Latrodectus, and Lumma Stealer malware. The post Fix the Click: Preventing the ClickFix Attack Vector appeared first on Unit 42. AI Summary and Description: Yes…

The Register: Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware

Jun 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/06/19/sneaky_serpentinecloud_slithers_through_cloudflare/ Source: The Register Title: Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware Feedly Summary: Phishing, Python and RATs, oh my A sneaky malware campaign slithers through Cloudflare tunnel subdomains to execute in-memory malicious code and give unknown attackers long-term access to pwned machines.… AI Summary and Description: Yes…

Cisco Talos Blog: Famous Chollima deploying Python version of GolangGhost RAT

Jun 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/python-version-of-golangghost-rat/ Source: Cisco Talos Blog Title: Famous Chollima deploying Python version of GolangGhost RAT Feedly Summary: Learn how the North Korean-aligned Famous Chollima is using the a new Python-based RAT, “PylangGhost," to target cryptocurrency and blockchain jobseekers in a campaign affecting users primarily in India. AI Summary and Description: Yes **Summary:** The analysis…

The Register: Chinese snoops use stealth RAT to backdoor US orgs – still active last week

Apr 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/04/15/chinese_spies_backdoored_us_orgs/ Source: The Register Title: Chinese snoops use stealth RAT to backdoor US orgs – still active last week Feedly Summary: Let the espionage and access resale campaigns begin (again) A cyberspy crew or individual with ties to China’s Ministry of State Security has infected global organizations with a remote access trojan (RAT)…

Microsoft Security Blog: StilachiRAT analysis: From system reconnaissance to cryptocurrency theft

Mar 17, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/17/stilachirat-analysis-from-system-reconnaissance-to-cryptocurrency-theft/ Source: Microsoft Security Blog Title: StilachiRAT analysis: From system reconnaissance to cryptocurrency theft Feedly Summary: Microsoft Incident Response uncovered a novel remote access trojan (RAT) named StilachiRAT, which demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data. This blog primarily focuses on analysis of the WWStartupCtrl64.dll…

The Register: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs

Feb 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/02/12/russias_sandworm_caught_stealing_credentials/ Source: The Register Title: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs Feedly Summary: ‘Near-global’ initial access campaign active since 2021 An initial-access subgroup of Russia’s Sandworm last year wriggled its way into networks within the US, UK, Canada and Australia, stealing credentials and data from “a limited number…

Hacker News: Software developers targeted by malware hidden in Python packages

Sep 24, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.techradar.com/pro/security/software-developers-targeted-by-malware-hidden-in-python-packages Source: Hacker News Title: Software developers targeted by malware hidden in Python packages Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a series of cyberattacks targeting Python developers by the North Korean hacking group Lazarus, under the guise of fake job advertisements. The attackers exploited Python package repositories…

Tag: Remote Access Trojan

Unit 42: Fix the Click: Preventing the ClickFix Attack Vector

The Register: Sneaky Serpentine#Cloud slithers through Cloudflare tunnels to inject orgs with Python-based malware

Cisco Talos Blog: Famous Chollima deploying Python version of GolangGhost RAT

The Register: Chinese snoops use stealth RAT to backdoor US orgs – still active last week

Microsoft Security Blog: StilachiRAT analysis: From system reconnaissance to cryptocurrency theft

The Register: Russia’s Sandworm caught snarfing credentials, data from American and Brit orgs

Hacker News: Software developers targeted by malware hidden in Python packages