Reaper Group uses custom malware family called DOGCALL to deploy RAT. Get the full report.
Unit 42 uncovers a new(ish) fully-featured Remote Access Tool (RAT), with web-based Command-and-Control (C2) included
Unit 42 uncovers HoeflerText popups delivering RAT malware to Google Chrome users.
Unit 42 recently observed Remote Access Trojan KHRAT activity targeting the citizens of Cambodia.
Troichilus and MoonWind RATS used to target utility and other organizations in Thailand.
Unit 42 has been tracking a new Remote Access Trojan (RAT) being sold for $40 USD since April 2016, known as “Orcus”. Though Orcus has all the typical features of RAT malware, it allows users to build custom plugins and also has a modular architecture for better management and scalability. The objective of this blog
Our team recently discovered a new Android Trojan called SpyNote which facilitates remote spying. The builder, which creates new versions of the malware, recently leaked on several malware discussion forums. SpyNote is similar to OmniRat and DroidJack, which are RATs (remote administration tools) that allow malware owners to gain remote administrative control of an Android
In recent weeks, I’ve spent time investigating the LuminosityLink Remote Access Trojan’s (RAT) embedded configuration. For those unaware, LuminosityLink is a malware family costing $40 that purports to be a system administration utility. However, when executed, the malware leverages a very aggressive keylogger, as well as a number of other malicious features that allow an
Recently, while researching attacks on targets in Thailand, Unit 42 discovered a tool that initially appeared to be a variant of the well-known PlugX RAT based on similar observed behavior such as the usage of DLL side-loading and a shellcode file. After closer inspection, it appears to be a completely distinct Trojan, which we have
Unit 42, the Palo Alto Networks threat intelligence team, will be appearing on a live webcast and Q&A with Dark Reading tomorrow, Thursday, August 28 at 2:00 p.m. EDT.
Today we would like to officially introduce our new threat intelligence team, Unit 42, and announce the release of our first research paper, 419 Evolution. Unit 42 uses data collected from the Palo Alto Networks security platform to provide context into an attacker’s motivations and methods. Using our Critical Intelligence Requirements developed by our leadership, we