Gh0st RAT Still Haunting Inboxes

Gh0st RAT, a decades-old open-source remote administration tool (RAT), recently appeared in phishing campaigns targeting a healthcare organization. Gh0st Remote Administration Tool was created by a Chinese hacking group named C. Rufus Security Team that released it publicly in 2008. The public release of Gh0st RAT source code made it easy for threat actors to […]

Chinese threat actor targets South East Asia

Mandiant Managed Defense recently identified cyber espionage activity that heavily leverages USB devices as an initial infection vector and concentrates on the Philippines. Mandiant tracks this activity as UNC4191 and assesses it has a China nexus. UNC4191 operations have affected a range of public and private sector entities primarily in Southeast Asia and extending to […]

PlugX RAT Loader Evolution

Cybereason GSOC investigates the PlugX malware family, a modular Remote Access Tool/Trojan (RAT) often utilized by Asia-based APT groups such as APT27. The malware has backdoor capabilities to take full control of the environment with its many malicious “plugins.” PlugX is a post-exploitation modular RAT (Remote Access Trojan), which, among other things, is known for […]
