Tag: rust

ESET researchers have uncovered new Rust-based tools used by the Embargo ransomware group. The toolkit includes MDeployer, a loader that deploys MS4Killer and Embargo ransomware, and MS4Killer, an EDR killer that exploits a vulnerable driver. Embargo, first observed in June 2024, is a relatively ne…

Akira ransomware has established itself as a prominent threat, constantly evolving its tactics. Initially employing double-extortion, it shifted focus to data exfiltration in early 2024. The group developed a Rust variant of their ESXi encryptor, moving away from C++. Recently, Akira has returned t…

Crystal Rans0m is a newly discovered hybrid ransomware family developed in Rust, first observed in September 2023. It combines file encryption with data stealing capabilities, doubling its leverage over victims. The malware targets browser data, Discord tokens, Steam files, and Riot Games data. It …

A new ransomware threat, dubbed Rast, has emerged targeting Chinese government and enterprises since December 2023. Written in Rust, Rast has infected over 6,800 terminals, successfully encrypting more than 5,700. The Rast gang, named after the ransomware, operates primarily between 20:00 and 05:00…

Seqrite Labs APT-Team discovered a sophisticated malware campaign targeting government and military officials in the Czech Republic. The campaign leveraged NATO-themed decoy documents to lure victims and employed a multistage attack chain involving a malicious batch script, a Rust-based loader, and…

In May 2024, FortiGuard Labs observed a Rust-based stealer. In addition to its intricate code, the stealer is distributed using a variety of strategies and has a flexible way of choosing its target.

A malicious campaign has been discovered that exploits the legitimate GoTo Meeting online conferencing software to deploy the Remcos remote access trojan (RAT). The attack chain involves utilizing lures like porn downloads, software setup files, and tax forms with Russian and English file names. It…