#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

Quasar RAT | Breaking Cybersecurity News | The Hacker News

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware
Apr 04, 2024 Malware / Cybercrime
A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name  CoralRaider , describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, Indonesia, and Vietnam. "This group focuses on stealing victims' credentials, financial data, and social media accounts, including business and advertisement accounts," security researchers Chetan Raghuprasad and Joey Chen  said . "They use RotBot, a customized variant of Quasar RAT, and XClient stealer as payloads." Other commodity malware used by the group comprises a combination of remote access trojans and information stealers such as  AsyncRAT ,  NetSupport RAT , and Rhadamanthys . The targeting of business and advertisement accounts has been of particular focus for attacke

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar

Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
Oct 23, 2023 Cyberattack / Malware
The open-source remote access trojan known as  Quasar RAT  has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This technique capitalizes on the inherent trust these files command within the Windows environment," Uptycs researchers Tejaswini Sandapolla and Karthickkumar Kathiresan  said  in a report published last week, detailing the malware's reliance on ctfmon.exe and calc.exe as part of the attack chain. Also known by the names CinaRAT or Yggdrasil, Quasar RAT is a C#-based remote administration tool capable of gathering system information, a list of running applications, files, keystrokes, screenshots, and executing arbitrary shell commands. DLL side-loading  is a  popular   technique  adopted by  many threat actors  to execute their own payloads by planting a spoofed DLL file with a name that a benign executable is known to be looking for. "Adversaries likely use side-loading as a

Hands-on Review: Cynomi AI-powered vCISO Platform

Hands-on Review: Cynomi AI-powered vCISO Platform
Apr 10, 2024vCISO / Risk Assessment
The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcing security and compliance leadership to a vCISO, these organizations can more easily obtain cybersecurity expertise specialized for their industry and strengthen their cybersecurity posture. MSPs and MSSPs looking to meet this growing vCISO demand are often faced with the same challenge. The demand for cybersecurity talent far exceeds the supply. This has led to a competitive market where the costs of hiring and retaining skilled professionals can be prohibitive for MSSPs/MSPs as well. The need to maintain expertise of both security and compliance further exacerbates this challenge. Cynomi, the first AI-driven vCISO platform , can help. Cynomi enables you - MSPs, MSSPs and consulting firms
Cybersecurity Resources