#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Quasar RAT | Breaking Cybersecurity News | The Hacker News

Category — Quasar RAT
Ongoing Phishing and Malware Campaigns in December 2024

Ongoing Phishing and Malware Campaigns in December 2024

Dec 10, 2024 Malware Analysis / Cyber Threat
Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats.  Here's a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you. Zero-day Attack: Corrupted Malicious Files Evade Detection by Most Security Systems  The analyst team at ANY.RUN recently shared their analysis of an ongoing zero-day attack . It has been active since at least August and still remains unaddressed by most detection software to this day. The attack involves the use of intentionally corrupted Word documents and ZIP archives with malicious files inside. VirusTotal shows 0 detections for one of the corrupted files Due to corruption, security systems cannot properly identify the type of these files and run analysis on them, which results in zero threat detections. Word will ask the user if they want to restore a corrupted file Once these fi...
Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

Apr 04, 2024 Malware / Cybercrime
A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name  CoralRaider , describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, Indonesia, and Vietnam. "This group focuses on stealing victims' credentials, financial data, and social media accounts, including business and advertisement accounts," security researchers Chetan Raghuprasad and Joey Chen  said . "They use RotBot, a customized variant of Quasar RAT, and XClient stealer as payloads." Other commodity malware used by the group comprises a combination of remote access trojans and information stealers such as  AsyncRAT ,  NetSupport RAT , and Rhadamanthys . The targeting of business and advertisement accounts has been of particular focus for attacke...
Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Dec 05, 2024Attack Surface / Exposure Management
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...
Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

Oct 23, 2023 Cyberattack / Malware
The open-source remote access trojan known as  Quasar RAT  has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This technique capitalizes on the inherent trust these files command within the Windows environment," Uptycs researchers Tejaswini Sandapolla and Karthickkumar Kathiresan  said  in a report published last week, detailing the malware's reliance on ctfmon.exe and calc.exe as part of the attack chain. Also known by the names CinaRAT or Yggdrasil, Quasar RAT is a C#-based remote administration tool capable of gathering system information, a list of running applications, files, keystrokes, screenshots, and executing arbitrary shell commands. DLL side-loading  is a  popular   technique  adopted by  many threat actors  to execute their own payloads by planting a spoofed DLL file with a name that a benign executable is known to be looking for. "Adversarie...
cyber security

Breaking Barriers: Strategies to Unite AppSec and R&D for Success

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
Expert Insights / Articles Videos
Cybersecurity Resources