#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Quasar RAT | Breaking Cybersecurity News | The Hacker News

Category — Quasar RAT
Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

Apr 04, 2024 Malware / Cybercrime
A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name  CoralRaider , describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, Indonesia, and Vietnam. "This group focuses on stealing victims' credentials, financial data, and social media accounts, including business and advertisement accounts," security researchers Chetan Raghuprasad and Joey Chen  said . "They use RotBot, a customized variant of Quasar RAT, and XClient stealer as payloads." Other commodity malware used by the group comprises a combination of remote access trojans and information stealers such as  AsyncRAT ,  NetSupport RAT , and Rhadamanthys . The targeting of business and advertisement accounts has been of particular focus for attacke
Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

Oct 23, 2023 Cyberattack / Malware
The open-source remote access trojan known as  Quasar RAT  has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This technique capitalizes on the inherent trust these files command within the Windows environment," Uptycs researchers Tejaswini Sandapolla and Karthickkumar Kathiresan  said  in a report published last week, detailing the malware's reliance on ctfmon.exe and calc.exe as part of the attack chain. Also known by the names CinaRAT or Yggdrasil, Quasar RAT is a C#-based remote administration tool capable of gathering system information, a list of running applications, files, keystrokes, screenshots, and executing arbitrary shell commands. DLL side-loading  is a  popular   technique  adopted by  many threat actors  to execute their own payloads by planting a spoofed DLL file with a name that a benign executable is known to be looking for. "Adversaries likely use side-loading as a
How to Get Going with CTEM When You Don't Know Where to Start

Want To Excel in Cybersecurity Risk Management?

Georgetown UniversityWebinar / Risk Management
Manage cybersecurity risk with a Georgetown master's degree. Learn more in our Oct. 23 webinar.
Expert Insights / Articles Videos
Cybersecurity Resources