The abundance and variety of low cost Android phones is one of the reasons that Android has become so popular around the world. Unfortunately, low priced phones could also mean less operating revenue and thus possibly a lower quality control. Such is the case with a cheap Android phone and has a remote access trojan preinstalled.
Malspam campaigns, such as ones being distributed by Necurs, are utilizing a new attachment type that is doing a good job in bypassing antivirus and mail filters. These IQY attachments are called Excel Web Query files and when opened will attempt to pull data from external sources.
Even though Bitdefender released a GandCrab decryptor today, it is not stopping the GandCrab developers from continuing to use new methods to distribute their ransomware. Today malware traffic analysis nao_sec discovered that EITest was being used to distribute the GandCrab ransomware as part of the HoeflerText Font Update scam.
Coldroot, a remote access trojan (RAT), is still undetectable by most antivirus engines, despite being uploaded and freely available on GitHub for almost two years.
The website of Eltima, a maker of macOS and Windows apps, has been compromised by an unknown actor to spread a trojanized version of Elmedia Player, a multimedia player for macOS.
A remote access trojan (RAT) known as Hacker's Door has resurfaced in active infections after being seen the last time in 2004-2005.
A remote access trojan (RAT) offered as a free download on underground hacking forums comes with a secret backdoor that grants the original author access to all the victim data.
The author of the very popular Nanocore RAT has pleaded guilty this week, admitting to developing malware that was used by other crooks to infect countless of computers across the globe, stealing data and secretly watching unsuspecting victims.
A new Android RAT (Remote Access Trojan) detected under the name of GhostCtrl can lock mobile device by resetting their PIN and display a ransom note to infected victims.
ETERNALBLUE, an alleged NSA exploit targeting the SMBv1 protocol leaked by the Shadow Brokers in mid-April, has become a commodity hacking tool among malware developers.
A self-proclaimed member of the Anonymous hacker collective is behind a campaign to spread the Houdini RAT and is currently looking into deploying the MoWare H.F.D ransomware.
The website of the HandBrake app has been compromised, and one of its download mirrors modified to host a version of the Proton RAT embedded in the app's Mac client.
An Android app named "System Update" that secretly contained a spyware family named SMSVova, survived on the official Google Play Store for at least three years, since 2014, when it was updated the last time.
Someone has created a new Remote Access Trojan (RAT) that uses the Telegram protocol to steal user data from infected devices.
A new remote access tool (RAT) targeting macOS users is currently being advertised on Russian underground hacking forums, a custom website, and through YouTube videos, security researchers from Sixgill have discovered.
Malware researchers have come across a new Remote Access Trojan (RAT) that uses a novel technique to evade detection on corporate networks by fetching malicious PowerShell commands stored inside a domain's DNS TXT records.