Tag: java

4 Attack Reports | 0 Vulnerabilities

Attack reports

Exposed JDWP Exploited in the Wild: What Happens When Debug Ports Are Left Open

A routine monitoring by researchers uncovered an exploitation attempt on a honeypot server running TeamCity, a CI/CD tool. The attack exploited an exposed Java Debug Wire Protocol (JDWP) interface, leading to remote code execution, deployment of cryptomining payload, and establishment of multiple p…
xmrig
persistence
java
cryptomining
remote code execution
2025-08-08
teamcity
jdwp
debugging
Published: August 8, 2025
Downloadable IOCs: 17

Applications of Snake Keylogger in Geopolitics: Abuse of Trusted Java Utilities in Cybercriminal Activities

A new phishing campaign using Snake Keylogger, a Russian-origin stealer, has been discovered targeting various victims including corporations, governments, and individuals. The campaign uses spear-phishing emails offering petroleum products, with malicious attachments exploiting the legitimate jsad…
credential theft
dll sideloading
java
keylogger
geopolitical
maas
snake keylogger
spear-phishing
2025-07-06
petroleum
Published: July 6, 2025
Downloadable IOCs: 0

SambaSpy – a new RAT targeting Italian users

A campaign exclusively targeting Italian users was detected in May 2024, delivering a new Remote Access Trojan (RAT) dubbed SambaSpy. The infection chain involves phishing emails impersonating a legitimate Italian real estate company, redirecting victims to a malicious website. The campaign employs…
rat
phishing
java
2024-09-19
credential stealing
sambaspy
Published: September 19, 2024
Downloadable IOCs: 24

From Document to Script: Insides of Campaign

This report examines a recent malicious campaign initiated via phishing emails, seemingly from 'QuickBooks,' prompting users to install Java. Clicking the embedded link leads to downloading a malicious JAR file. The JAR contains commands to fetch additional payloads, including an obfuscated AutoIt …
obfuscation
phishing
darkgate
campaign
cybercrime
malicious
payload
2024-05-17
autoit
java
Published: May 17, 2024
Downloadable IOCs: 11
Click here to see more Attack Reports