Webworm Hackers Using Modified RATs in Latest Cyber Espionage Attacks

malware

AI generated Image

Attack chains involve the use of dropper malware that harbors a loader designed to launch modified versions of Trochilus, Gh0st, and 9002 remote access trojans. Symantec said the Webworm threat actor exhibits tactical overlaps with another new adversarial collective documented by Positive Technologies earlier this May as Space Pirates, which was found striking entities in the Russian aerospace industry with novel malware. The cybersecurity firm said at least one of the indicators of compromise (IOCs) was used in an attack against an IT service provider operating in multiple Asian countries.

Source read time: 2 min - thehackernews.com

Also offered in: Nederlands

More news for you