Lucene search
K

11 matches found

Packet Storm News
Packet Storm News
added 2026/04/24 12:0 a.m.4 views

Adversarial Co-Evolution of Malware and Detection Models: A Bilevel Optimization Perspective

Machine learning-based malware detectors are increasingly vulnerable to adversarial examples. Traditional defenses, such as one-shot adversarial training, often fail against adaptive attackers who use reinforcement learning to bypass detection. This paper proposes a robust defense framework based...

5.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/14 2:18 p.m.12 views

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers. "Attackers achieve...

6.6AI score
Exploits0
Securelist
Securelist
added 2025/03/11 10:0 a.m.8 views

DCRat backdoor returns

Since the beginning of the year, we've been tracking in our telemetry a new wave of DCRat distribution, with paid access to the backdoor provided under the Malware-as-a-Service MaaS model. The cybercriminal group behind it also offers support for the malware and infrastructure setup for hosting t...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/02/26 10:53 a.m.17 views

CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries

The Computer Emergency Response Team of Ukraine CERT-UA on Tuesday warned of renewed activity from an organized criminal group it tracks as UAC-0173 that involves infecting computers with a remote access trojan named DCRat aka DarkCrystal RAT. The Ukrainian cybersecurity authority said it observe...

6.5CVSS7AI score0.1337EPSS
Exploits1
Talos Blog
Talos Blog
added 2024/10/22 10:0 a.m.10 views

Threat actor abuses Gophish to deliver new PowerRAT and DCRAT

Cisco Talos recently discovered a phishing campaign using an open-source phishing toolkit called Gophish by an unknown threat actor. The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim's intervention to trigger the infection chain...

8.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/27 9:0 a.m.11 views

New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users

Russian-speaking users have been targeted as part of a new campaign distributing a commodity trojan called DCRat aka DarkCrystal RAT by means of a technique known as HTML smuggling. The development marks the first time the malware has been deployed using this method, a departure from previously...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/07 7:13 a.m.15 views

SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign

The Computer Emergency Response Team of Ukraine CERT-UA has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, whic...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/03/02 11:55 a.m.25 views

Snip3 Crypter an Advanced RAT Loader Targeting Multiple Industries

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary A multi-stage remote access trojan RAT loader called Snip3 crypter was recently discovered deploying RAT families, including QuasarRAT and DcRAT, to target victims...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/08/30 12:55 p.m.45 views

Hackers Use ModernLoader to Infect Systems with Stealers and Cryptominers

As many as three disparate but related campaigns between March and Jun 2022 have been found to deliver a variety of malware, including ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. "The actors use PowerShell, .NET assemblies, and HTA and VBS files to spread...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/09 12:27 p.m.34 views

Experts Sound Alarm on DCRat Backdoor Being Sold on Russian Hacking Forums

Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat aka DarkCrystal RAT that's offered on sale for "dirt cheap" prices, making it accessible to professional cybercriminal groups and novice actors alike. "Unlike the well-funded, massive Russian...

0.2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/10/26 1:13 p.m.206 views

Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India

Cisco Talos recently discovered a threat actor using political and government-themed malicious domains to target entities in India and Afghanistan.These attacks use dcRAT and QuasarRAT for Windows delivered via malicious documents exploiting CVE-2017-11882 — a memory corruption vulnerability in...

9.3CVSS3.5AI score0.99945EPSS
Exploits33
Rows per page
Query Builder