Tag: spark rat

3 Attack Reports | 0 Vulnerabilities

Attack reports

Goodbye HTA, Hello MSI: New TTPs and Clusters of an APT driven by Multi-Platform Attacks

Pakistan-linked SideCopy APT has expanded its targeting to include Indian railways, oil & gas, and external affairs ministries. The group has shifted from HTA files to MSI packages for staging, employing advanced techniques like DLL side-loading and reflective loading. They are leveraging customize…
apt
rat
phishing
dll side-loading
multi-platform
msi
spark rat
2025-04-08
xeno rat
curlback rat
Published: April 8, 2025
Downloadable IOCs: 28

Hacktivists attack Russian organizations using rare RATs

The Cyber Anarchy Squad (C.A.S) is a hacktivist group targeting Russian and Belarusian organizations since 2022. They exploit vulnerabilities in public services and use free tools to inflict maximum damage. The group employs rare remote access Trojans like Revenge RAT and Spark RAT, alongside commo…
ransomware
russia
belarus
lockbit
meterpreter
telegram
babuk
spark rat
hacktivist
2024-12-18
revenge rat
data destruction
Published: December 18, 2024
Downloadable IOCs: 0

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

A newly discovered vulnerability in Windows NT LAN Manager (NTLM) has been exploited by suspected Russian hackers in cyber attacks against Ukraine. The flaw, identified as CVE-2024-43451, allows attackers to steal NTLMv2 hashes through minimal user interaction with malicious files. The exploit chai…
rat
phishing
windows
russia
ukraine
zero-day
CVE-2024-43451
2024-11-14
ntlm
spark rat
pass-the-hash
hash stealing
Published: November 14, 2024
Downloadable IOCs: 24
Click here to see more Attack Reports