5 matches found
A week in security (September 30 – October 6)
Last week on Malwarebytes Labs, Malwarebytes renewed its pledge to fight stalkerware for National Cybersecurity Awareness NCSA and Domestic Violence Awareness Month. We also looked into what security orchestration is and reported about partnering with security firm, HYAS, to determine the...
Adwind RAT Scurries By AV Software With New DDE Variant
A newly-discovered spam campaign is spreading the Adwind 3.0 remote-access tool RAT – and using a fresh take on the Dynamic Data Exchange DDE code-injection technique for anti-virus evasion. The spam campaign features two types of droppers that leverage a new variant to the already-known DDE...
Adwind RAT Returns! Cross-Platform Malware Targeting Aerospace Industries
Hackers and cyber criminals are becoming dramatically more adept, innovative, and stealthy with each passing day. While other operating systems are more widely in use, cybercriminals have now shifted from traditional activities to more clandestine techniques that come with limitless attack vector...
Adwind RAT Resurfaces, Targeting Danish Companies
The remote access Trojan Adwind has resurfaced and as of last weekend, is being used in spam emails targeting Danish companies, researchers said. In emails purporting to be order requests coming from either spoofed or fake return addresses, attackers are spreading malicious .jar, or Java archive...
Vitaly Kamluk on the Adwind RAT
Mike Mimoso talks to Kaspersky Lab researcher Vitaly Kamluk who was critical in the discovery of the latest version of the cross-platform Adwind RAT. The remote access Trojan is unique in that it’s written in Java, giving this version—which is also known as Frutas, AlienSpy and JSocket—the...