Tag: guloader
2 attack reports | 0 vulnerabilities
Attack reports
Threat Actor Abuses Cloudflare Tunnels to Deliver RATs
Proofpoint is tracking a cluster of cybercriminal threat activity leveraging Cloudflare Tunnels to deliver malware, particularly remote access trojans (RATs) like Xworm, AsyncRAT, VenomRAT, GuLoader, and Remcos. The campaigns employ various techniques, such as using URL files to establish connectio…
Downloadable IOCs 13
Files with TXZ extension used as malspam attachments
A recent report describes a malspam campaign distributing malware payloads in attachments with TXZ file extensions. The attachments were RAR archives with renamed extensions, likely attempting to exploit native TXZ support in Windows 11. Two campaigns distributed the payloads, one with GuLoader mal…
Downloadable IOCs 2
Threat Actor Abuses Cloudflare Tunnels to Deliver RATs
Proofpoint is tracking a cluster of cybercriminal threat activity leveraging Cloudflare Tunnels to deliver malware, particularly remote access trojans (RATs) like Xworm, AsyncRAT, VenomRAT, GuLoader, and Remcos. The campaigns employ various techniques, such as using URL files to establish connectio…
Downloadable IOCs 13
Files with TXZ extension used as malspam attachments
A recent report describes a malspam campaign distributing malware payloads in attachments with TXZ file extensions. The attachments were RAR archives with renamed extensions, likely attempting to exploit native TXZ support in Windows 11. Two campaigns distributed the payloads, one with GuLoader mal…
Downloadable IOCs 2