#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

AsyncRAT | Breaking Cybersecurity News | The Hacker News

Category — AsyncRAT
Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges

Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges

Dec 18, 2023 Malware / Cyber Threat
The developers of the information stealer malware known as  Rhadamanthys  are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable. This approach not only transforms it into a threat capable of delivering "specific distributor needs," but also makes it more potent, Check Point  said  in a technical deep dive published last week. Rhadamanthys,  first documented  by ThreatMon in October 2022, has been sold under the malware-as-a-service (MaaS) model as early as September 2022 by an actor under the alias "kingcrete2022." Typically distributed through malicious websites mirroring those of genuine software that are advertised through Google ads, the malware is capable of harvesting a wide range of sensitive information from compromised hosts, including from web browsers, crypto wallets, email clients, VPN, and instant messaging apps. "Rhadamanthys represents a
HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software

HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software

Jul 21, 2023 Malware / Software Security
A new variant of  AsyncRAT  malware dubbed  HotRat  is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office. "HotRat malware equips attackers with a wide array of capabilities, such as stealing login credentials, cryptocurrency wallets, screen capturing, keylogging, installing more malware, and gaining access to or altering clipboard data," Avast security researcher Martin a Milánek  said . The Czech cybersecurity firm said the trojan has been prevalent in the wild since at least in October 2022, with a majority of the infections concentrated in Thailand, Guyana, Libya, Suriname, Mali, Pakistan, Cambodia, South Africa, and India. The attacks entail bundling the cracked software available online via torrent sites with a malicious AutoHotkey ( AHK ) script that initiates an infection chain designed to deactivate antivirus solutions on the compromised host and ultimately la
Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

Oct 31, 2024Identity Security / Browser Security
In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as "the new perimeter", the identity stands between safe data management and potential breaches. However, a new report reveals how enterprises are often unaware of how their identities are being used across various platforms. This leaves them vulnerable to data breaches, account takeovers, and credential theft. The "Enterprise Identity Threat Report 2024" ( download here ) is based on exclusive data available only to the LayerX Browser Security platform. This data derives from LayerX's unique visibility into every user action in the browser, across industries. It provides a detailed analysis of emerging risks and uncovered hidden threats. To register to a live webinar to cover the key findings in this report, Click here . Below is a deeper dive into some of the report's most critical findings: 1. The Greatest Risk Comes from 2% of Users Security profe
Experts Warn of Hacking Group Targeting Aviation and Defense Sectors

Experts Warn of Hacking Group Targeting Aviation and Defense Sectors

Feb 15, 2022
Entities in the aviation, aerospace, transportation, manufacturing, and defense industries have been targeted by a persistent threat group since at least 2017 as part of a string of spear-phishing campaigns mounted to deliver a variety of remote access trojans (RATs) on compromised systems. The use of commodity malware such as AsyncRAT and NetWire, among others, has led enterprise security firm Proofpoint to a "cybercriminal threat actor" codenamed TA2541 that employs "broad targeting with high volume messages." The ultimate objective of the intrusions is unknown as yet. Social engineering lures used by the group does not rely on topical themes but rather leverages decoy messages related to  aviation , logistics, transportation, and travel. That said, TA2541 did briefly pivot to  COVID-19-themed lures  in the spring of 2020, distributing emails concerning cargo shipments of personal protective equipment (PPE) or testing kits. "While TA2541 is consistent i
cyber security

AWS EKS Security Best Practices [Cheat Sheet]

websiteWiz.ioCloud Security / Kubernetes
Unlock this one-stop resource for mastering EKS security best practices and safeguarding your cloud-native applications.
Expert Insights / Articles Videos
Cybersecurity Resources