RAT - Cybersec Sentinel (Page 2)

RAT

A collection of 15 posts

Winos4.0 RAT Targets Gamers and Educational Institutions in New Malware Campaign

Winos4.0 RAT Targets Gamers and Educational Institutions in New Malware Campaign

Threat Group: Unknown Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Social engineering through gaming-related applications targeting Windows Malware Used: Winos4.0 Threat Score: High (8.5/10) — due to its sophisticated evasion, control functions, and targeting of gaming and educational sectors Last Threat Observation: November 6, 2024, by FortiGuard

APT36 Goes Cloudy ElizaRAT Puts Indian Systems in the Crosshairs

APT36 Goes Cloudy ElizaRAT Puts Indian Systems in the Crosshairs

Threat Group: APT36 (Transparent Tribe) Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Windows, Linux-based espionage with cloud-based C2 communication Malware Used: ElizaRAT, ApoloStealer Threat Score: High (8.8/10) — Enhanced evasion and control tactics, leveraging multiple cloud services for concealment Last Threat Observation: November 2024 (AlienVault, Check Point Research)

ValleyRAT Malware Exploits Privilege Escalation and Evasion in Targeted Attacks

ValleyRAT Malware Exploits Privilege Escalation and Evasion in Targeted Attacks

Threat Group: Silver Fox (suspected) Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Privilege abuse through COM interfaces (CMSTPLUA, fodhelper.exe), Scheduled Task creation, Registry Run Keys manipulation Malware Used: ValleyRAT Threat Score: High (8.5/10) — Due to advanced evasion, multi-stage infection, and targeted campaign scope within China Last

DarkComet Malware Resurgence Highlights Growing Cybersecurity Concerns

DarkComet Malware Resurgence Highlights Growing Cybersecurity Concerns

Threat Group: DarkComet (a.k.a. Fynloski, Breut, Krademok) Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Registry modifications, phishing, drive-by downloads, unpatched software vulnerabilities Malware Used: DarkComet RAT (Versions 5.3.1, other variants) Threat Score: High (8.5/10) Last Threat Observation: October 23, 2024 Overview DarkComet RAT

UAT-5647’s SingleCamper Malware: A Silent Network Infiltrator

UAT-5647’s SingleCamper Malware: A Silent Network Infiltrator

Threat Group: RomCom (aka UAT-5647) Threat Type: Remote Access Trojan (RAT) Exploited Vulnerabilities: Spear-phishing, network tunneling, credential theft Malware Used: SingleCamper RAT, RustyClaw, MeltingClaw, DustyHammock, ShadyHammock Threat Score: High (8.3/10) — Advanced persistence mechanisms, stealthy network operations, and a dual-focus on espionage and ransomware deployment Last Threat Observation: October