Lucene search
K

14 matches found

The Hacker News
The Hacker News
added 2024/06/13 10:26 a.m.14 views

Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS

Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018. The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, according to...

6.8AI score
Exploits0
Talos Blog
Talos Blog
added 2024/06/13 10:0 a.m.14 views

Operation Celestial Force employs mobile and desktop malware to target Indian entities

By Gi7w0rm, Asheer Malhotra and Vitor Ventura. Cisco Talos is disclosing a new malware campaign called "Operation Celestial Force" running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track a...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/15 1:0 p.m.34 views

Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files

An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. "Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and receive...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/15 1:0 p.m.4 views

Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files

An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. "Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and receive...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/04 10:51 a.m.24 views

Meta Uncovers Massive Social Media Cyber Espionage Operations Across South Asia

Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. "Each of these APTs relied heavily on social engineering to trick people into clicking on malicious links,...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/04 10:51 a.m.1 views

Meta Uncovers Massive Social Media Cyber Espionage Operations Across South Asia

Three different threat actors leveraged hundreds of elaborate fictitious personas on Facebook and Instagram to target individuals located in South Asia as part of disparate attacks. "Each of these APTs relied heavily on social engineering to trick people into clicking on malicious links,...

6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/11/16 3:34 p.m.30 views

SoNot SoSafe: Android malware disguises itself as secure messaging app

If you haven’t heard of SoSafe Chat, you will now. This Android app, purported as a secure messaging application that uses end-to-end encryption, is the latest ruse cybercriminals put upon smartphone users, particularly those based in India, to infect their devices with GravityRAT, a piece of...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/20 1:59 p.m.28 views

Windows GravityRAT Malware Now Also Targets macOS and Android Devices

A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbe...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2020/10/20 1:59 p.m.4 views

Windows GravityRAT Malware Now Also Targets macOS and Android Devices

A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbe...

6.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/10/19 5:34 p.m.33 views

GravityRAT Comes Back to Earth with Android, macOS Spyware

The criminals behind GravityRAT spyware have rolled out new macOS and Android variants for the first time. The GravityRAT remote access trojan has been around since at least 2015, according to researchers from Kaspersky, but it has mainly focused on Windows operating systems. The last piece of...

1.3AI score
Exploits0References4
Securelist
Securelist
added 2020/10/19 10:0 a.m.33 views

GravityRAT: The spy returns

In 2018, researchers at Cisco Talos published a post on the spyware GravityRAT, used to target the Indian armed forces. The Indian Computer Emergency Response Team CERT-IN first discovered the Trojan in 2017. Its creators are believed to be Pakistani hacker groups. According to our information, t...

0.2AI score
Exploits0
Qualys Blog
Qualys Blog
added 2018/06/18 5:29 p.m.76 views

Get Emerging Threats Visibility with Qualys IOC Widgets

Two new built-in widgets for detecting the GravityRAT and GhostSecret advanced threats are now available in Qualys Indication of Compromise IOC. These threats are of specific concern as they target industries like finance, entertainment, telecommunication and healthcare and have capability to...

7.3AI score
Exploits0
Talos Blog
Talos Blog
added 2018/05/07 11:53 a.m.23 views

Beers with Talos EP 28 - APT, BGP, RCEs, and an Old RAT

Beers with Talos BWT Podcast Episode 28 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP28 Show Notes: Recorded April 27 - We have a special guest intro this week, since Mitch came down wit...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2018/04/30 6:20 p.m.14 views

Updated GravityRAT Malware Adds Advanced AV Detection

Researchers tracking the evolution of the remote access trojan GravityRAT warn that developers behind the malware have made key changes to the RAT’s code in an attempt to decrease antivirus detection. “We’ve seen file exfiltration, remote command execution capability and anti-vm techniques added...

1.3AI score
Exploits0References5
Rows per page
Query Builder