Get a Pentest and security assessment of your IT network.

News

ROKRAT Reloaded

Talos published 2 articles concerning South Korean threats earlier this year. The first one was about the use of a malicious HWP document which dropped downloaders used to retrieve malicious payloads on several compromised websites. The second one was the analysis and discovery of the ROKRAT malware. This month, Talos discovered a new version of the malware. It contains the same reconnaissance code used; similar PDB pattern that the “Evil New Years” samples used; it uses cloud platform as C&C but not exactly the same. This version uses pcloud, box, dropbox and yandex. It also shares code with Freenki, a downloader used in the FreeMilk campaign.”]

Source: https://blog.talosintelligence.com/2017/11/ROKRAT-Reloaded.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2