Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: xenorat

3 attack reports | 0 vulnerabilities

Attack reports

MoonPeak malware unveils new details on attacker infrastructure

Cisco Talos has uncovered a campaign employing a new malware family called 'MoonPeak,' a remote access trojan actively developed by a North Korean advanced persistent threat group tracked as 'UAT-5394.' The analysis reveals the evolution of MoonPeak from an open-source malware called XenoRAT, with …

north korea
xenorat
2024-08-21
quasarrat
moonpeak
Published: August 21, 2024

Downloadable IOCs 42

Attack Case against HFS (HTTP File Server) Server (Suspected CVE-2024-23692)

A remote code execution vulnerability (CVE-2024-23692) in the HFS (HTTP File Server) program has allowed attackers to execute malicious commands on vulnerable systems. Various attack cases exploiting this vulnerability have been observed, leading to the installation of malware such as coin miners, …

backdoor
exploit
rat
xmrig
vulnerability
plugx
gh0strat
CVE-2024-23692
cobaltstrike
korplug
destroyrat
xenorat
2024-07-03
gothief
Published: July 3, 2024

Downloadable IOCs 14

APT Attacks Using Cloud Storage

The report describes a malicious campaign where threat actors utilize cloud services like Google Drive, OneDrive, and Dropbox to distribute malware and collect user information. The attack process starts with a malicious shortcut file (LNK) that executes PowerShell scripts to download decoy documen…

apt
dropbox
powershell
cloud
2024-06-11
xenorat
Published: June 11, 2024

Downloadable IOCs 1

» Click here to see all Attack Reports «