Tag: netsupport rat

The Horns&Hooves campaign, active since March 2023, targets Russian businesses with malicious email attachments containing scripts that install NetSupport RAT or BurnsRAT. The campaign evolved through several versions, improving obfuscation and delivery methods. It uses decoy documents and legitima…

The Horns&Hooves campaign, active since March 2023, targets Russian businesses with malicious email attachments containing scripts that install NetSupport RAT or BurnsRAT. The campaign evolved through several versions, improving obfuscation and delivery methods. It uses decoy documents and legitima…

This analysis examines a recent malware campaign that utilizes the NetSupport RAT, a legitimate remote administration tool, for persistent infections. The threat actors behind this campaign employ obfuscation techniques and updates to evade detection. However, by identifying weaknesses in the obfus…

This intelligence report discusses SocGholish, a JavaScript downloader used by threat actors to deliver malware payloads disguised as fake browser updates. It analyzes the recent tactics, techniques, and procedures employed by threat groups like Evil Corp in compromising WordPress websites, fingerp…