Tag Archives: Trojan

Skype, Google Meet, and Zoom Used in New Trojan Scam Campaign

A threat actor has been distributing remote access Trojans (RATs) on Android and Windows operating systems using online meeting lures, according to cloud security provider Zscaler.

This campaign has been ongoing since at least December 2023, observed Zscaler’s threat intelligence team, ThreatLabz.

The distributed RATs include Android-focused SpyNote RAT and Windows-focused NjRAT and DCRat.

Malicious APKs and BAT Files Leading to RAT Payloads

To lure its victims into downloading the RATs, the threat actor created several fake online meeting sites, impersonating brands like Microsoft-owned Skype, Google Meet and Zoom.

“All of the fake sites were in Russian,” noted Zscaler ThreatLabz researchers.

The attacker utilized shared web hosting services to host all these websites on a…


Source link

Who’s Behind the NetWire Remote Access Trojan? – Krebs on Security

A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and location of its owner for the past 11 years.

Typically installed by booby-trapped Microsoft Office documents and distributed via email, NetWire is a multi-platform threat that is capable of targeting not only Microsoft Windows machines but also Android, Linux and Mac systems.

NetWire’s reliability and…


Source link