Tag: burnsrat

3 Attack Reports | 0 Vulnerabilities

Attack reports

NetSupport RAT and RMS in malicious emails

The Horns&Hooves campaign, active since March 2023, targets Russian businesses with malicious email attachments containing scripts that install NetSupport RAT or BurnsRAT. The campaign evolved through several versions, improving obfuscation and delivery methods. It uses decoy documents and legitima…
obfuscation
phishing
rhadamanthys
russia
stealer
remote access
burnsrat
netsupport rat
meduza
2024-12-02
Published: December 2, 2024
Downloadable IOCs: 35

Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

The Horns&Hooves campaign, active since March 2023, targets Russian businesses with malicious email attachments containing scripts that install NetSupport RAT or BurnsRAT. The campaign evolved through several versions, improving obfuscation and delivery methods. It uses decoy documents and legitima…
remote access
burnsrat
netsupport rat
meduza
2024-12-02
Published: December 2, 2024
Downloadable IOCs: 0

VayGren and Mr.Burns: Strong Ties in Finance

F.A.C.C.T experts analyzed the tools and connections of cybercriminals attacking Russian accountants. An analysis of the infection chain of the VasyGrek attacker, his forum activity and connection with the malware developer Mr.Burns is presented. The history of Mr.Burns, starting in 2010, is given,…
purecrypter
metastealer
2024-07-10
teamviewer
redline stealer
warzonerat
ave maria
purelogs
burnsrat
Published: July 10, 2024
Downloadable IOCs: 131
Click here to see more Attack Reports