4 matches found
CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures
The Computer Emergency Response Team of Ukraine CERT-UA has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the defense forces, and enterprises of the defense-industrial complex in the country. The attacks, which leverage phishing emails as an...
Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website "chrome-web.com" serving malicious installer packages...
Lyceum APT Returns, This Time Targeting Tunisian Firms
The Lyceum threat group has resurfaced, this time with a weird variant of a remote-access trojan RAT that doesn’t have a way to talk to a command-and-control C2 server and might instead be a new way to proxy traffic between internal network clusters. Kaspersky’s Mark Lechtik – senior security...
Pawn Storm – A Look Into this Cyberespionage Actor Group
In April 2017 my monthly threat webinar focused on a cyberespionage group our Forward-Looking Threat Researcher, Feike Hacquebord, has been following for many years and recently published a report into the most recent two years of activities. In this post I want to focus on their tools and tactic...