Tag: java

2 attack reports | 0 vulnerabilities

Attack reports

SambaSpy – a new RAT targeting Italian users

Published: September 19, 2024

A campaign exclusively targeting Italian users was detected in May 2024, delivering a new Remote Access Trojan (RAT) dubbed SambaSpy. The infection chain involves phishing emails impersonating a legitimate Italian real estate company, redirecting victims to a malicious website. The campaign employs…

Downloadable IOCs 24

rat
phishing
java
2024-09-19
credential stealing
sambaspy

From Document to Script: Insides of Campaign

Published: May 17, 2024

This report examines a recent malicious campaign initiated via phishing emails, seemingly from 'QuickBooks,' prompting users to install Java. Clicking the embedded link leads to downloading a malicious JAR file. The JAR contains commands to fetch additional payloads, including an obfuscated AutoIt …

Downloadable IOCs 11

obfuscation
phishing
darkgate
campaign
cybercrime
malicious
payload
2024-05-17
autoit
java

SambaSpy – a new RAT targeting Italian users

Published: September 19, 2024

A campaign exclusively targeting Italian users was detected in May 2024, delivering a new Remote Access Trojan (RAT) dubbed SambaSpy. The infection chain involves phishing emails impersonating a legitimate Italian real estate company, redirecting victims to a malicious website. The campaign employs…

Downloadable IOCs 24

rat
phishing
java
2024-09-19
credential stealing
sambaspy

From Document to Script: Insides of Campaign

Published: May 17, 2024

This report examines a recent malicious campaign initiated via phishing emails, seemingly from 'QuickBooks,' prompting users to install Java. Clicking the embedded link leads to downloading a malicious JAR file. The JAR contains commands to fetch additional payloads, including an obfuscated AutoIt …

Downloadable IOCs 11

obfuscation
phishing
darkgate
campaign
cybercrime
malicious
payload
2024-05-17
autoit
java
» Click here to see all Attack Reports «