3 attack reports | 0 vulnerabilities
ValleyRAT is a remote access Trojan targeting Chinese-speaking users through phishing campaigns. It employs multi-stage, multi-component tactics to evade detection and maintain persistence. The malware uses various techniques including process injection, registry manipulation, and UAC bypass. It at…
FortiGuard Labs recently encountered an ongoing malware campaign specifically targeting Chinese speakers. The attack utilizes a multi-stage malware named ValleyRAT, which employs diverse techniques to monitor and control victims while deploying arbitrary plugins. A notable characteristic is its hea…
Zscaler ThreatLabz recently uncovered a new campaign used to deliver the latest iteration of ValleyRAT, a remote access trojan attributed to a China-based threat actor. The campaign involves multiple stages, with the initial stage downloader utilizing an HTTP File Server (HFS) to fetch subsequent c…