WingsOfGod.dll – WogRAT Malware Analysis & Removal

WogRAT is a pretty simple backdoor with mysterious spreading ways

WogRAT, also known as WingsOfGod RAT, is a novice remote access trojan that attacks users from Asian countries. Named after its own file – Wingsofgod.dll, this malware attacks people since late 2022, spreading through the online notepad service. What is WogRAT (WingsOfGod.dll)? WogRAT is a classic example of a remote access trojan, a backdoor-like malicious… Continue reading WingsOfGod.dll – WogRAT Malware Analysis & Removal

Backdoor:Win32/Bladabindi!ml Analysis & Removal Guide

Backdoor:Win32/Bladabindi!ml is a detection of njRAT - a dangerous remote access trojan

Backdoor:Win32/Bladabindi!ml is a generic detection name used by Microsoft Defender. It specifically refers to a backdoor malware known as njRAT, capable of hacking into and controlling victims’ computers. In which cases it is a dangerous trojan and in which cases it is a false positive detection, we will understand in this article. What is Backdoor:Win32/Bladabindi!ml?… Continue reading Backdoor:Win32/Bladabindi!ml Analysis & Removal Guide

Remcos RAT Targets South Korean Users Through Webhards

A new wave of Remcos RAT spreading targets people from South Korea

An infamous Remcos RAT reportedly started targeting South Korean users through the files shared on Webhards platform. By baiting users with cracked software and adult content, hackers manage to install a malicious script that in turn downloads and runs the dangerous remote access trojan. Remcos RAT Uses Webhards to Spread Recent research of South Korean… Continue reading Remcos RAT Targets South Korean Users Through Webhards

SugarGh0st RAT Targets Uzbekistan and South Korea

Asian government-sponsored hackers are making a fuss again.

A new malicious campaign employs SugarGh0st RAT to target government agencies. Artifacts in the decoy documents hint at a potential Chinese-speaking actor. SugarGh0st Uses Spear Phishing to Attack Governments Researchers have uncovered a new wave of cyber threats targeting government entities in Uzbekistan and South Korea in recent cybersecurity developments. Utilizing a customized variant of… Continue reading SugarGh0st RAT Targets Uzbekistan and South Korea

HiatusRAT Used in Attacks on Taiwan Companies and U.S. Military

HiatusRAT offers pretty unusual functionality that appears useful in sophisticated attacks

Recent attacks on US military systems and Taiwan companies are distinctive not only by the brave target choosing, but also for the used toolkit. In the case of both targets, attackers used HiatusRAT as an initial access/reconnaissance tool. Aside from being used in these attacks, Hiatus Trojan has other things to boast of. US DoD… Continue reading HiatusRAT Used in Attacks on Taiwan Companies and U.S. Military

Wise Remote Trojan: Infostealer, RAT, DDoS Bot, and Ransomware

Wise Remote Stealer

Wise Remote Stealer is a potent and malicious software that operates as an infostealer, Remote Access Trojan (RAT), DDoS bot, and ransomware. It has gained notoriety within the cybersecurity community due to its extensive range of capabilities and the threat it poses to individuals and organizations. Unveiling the Wise Remote Stealer Revelations from cybersecurity experts… Continue reading Wise Remote Trojan: Infostealer, RAT, DDoS Bot, and Ransomware

Remote Access Trojan (RAT Malware)

Backdoors are a major threat to anyone. Remote access trojans are yet another tool to provide the backdoor access

Remote Access Trojan is software that allows unauthorized access to a victim’s computer or covert surveillance. Remote Access Trojan are often disguised as legitimate programs and give the attacker unhindered access. Their capabilities include tracking user behavior, copying files, and using bandwidth for criminal activity. What is a Remote Access Trojan (RAT)? A Remote Access… Continue reading Remote Access Trojan (RAT Malware)

Attackers Exploit MSDT Follina Bug to Drop RAT

Threat Actors Exploit MSDT Follina Bug To Drop RAT And Infostealer

Security specialists caution users about the exploitation of the recently disclosed Follina Bug found in all supported versions of Windows. Threat actors have actively utilized this vulnerability to install payloads such as the AsyncRAT trojan and infostealer. Understanding the Follina Vulnerability On May 27, 2022, the public became aware of a remote code execution (RCE)… Continue reading Attackers Exploit MSDT Follina Bug to Drop RAT