Lucene search
K

9 matches found

The Hacker News
The Hacker News
added 2025/10/18 6:51 a.m.9 views

Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT

The threat actors behind a malware family known as Winos 4.0 aka ValleyRAT have expanded their targeting footprint from China and Taiwan to target Japan and Malaysia with another remote access trojan RAT tracked as HoldingHands RAT aka Gh0stBins. "The campaign relied on phishing emails with PDFs...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/09/15 5:47 a.m.5 views

HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks

Chinese-speaking users are the target of a search engine optimization SEO poisoning campaign that uses fake software sites to distribute malware. "The attackers manipulated search rankings with SEO plugins and registered lookalike domains that closely mimicked legitimate software sites," Fortinet...

7.6AI score
Exploits0
HackRead
HackRead
added 2025/09/12 4:15 p.m.7 views

SEO Poisoning Attack Hits Windows Users With Hiddengh0st and Winos Malware

New SEO poisoning campaign exposed! FortiGuard Labs reveals how attackers trick users with fake websites to deliver Hiddengh0st…...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/05/25 7:36 a.m.31 views

Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware

Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The campaign, first detected by Rapid7 in February 2025, involves the use of a multi-stage, memory-resident...

7.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/05/22 12:0 p.m.41 views

NSIS Abuse and sRDI Shellcode: Anatomy of the Winos 4.0 Campaign

Co-authored byAnna Širokova and Ivan Feigl Executive summary Rapid7 has been tracking a malware campaign that uses fake software installers disguised as popular apps like VPN and QQBrowser—to deliver Winos v4.0, a hard-to-detect malware that runs entirely in memory and gives attackers remote...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/27 3:36 p.m.19 views

Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations

A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country's National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 1:59 p.m.15 views

Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps

Cybersecurity researchers are warning that a command-and-control C&C framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers comprehensive...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/19 10:23 a.m.21 views

New Threat Actor 'Void Arachne' Targets Chinese Users with Malicious VPN Installers

Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer MSI files for virtual private networks VPNs to deliver a command-and-control C&C framework called Winos 4.0. "The campaign also promotes compromised...

7.2AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/06/19 12:0 a.m.18 views

Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework

We recently discovered a new threat actor group that we dubbed Void Arachne. This group targets Chinese-speaking users with malicious Windows Installer MSI files in a recent campaign. These MSI files contain legitimate software installer files for AI software and other popular software but are...

7.3AI score
Exploits0
Rows per page
Query Builder