CloudSEK has discovered a cyber threat aiming at novices in cyber security using a tampered version of the XWorm Remote Access Trojan (RAT) builder. The RAT builder is disguised as legitimate software and has affected over 18,000 devices globally, including the US, Russia, India, Ukraine, and Turkey. The malware extracts sensitive information and controls compromised devices. The targeted operation is being traced back to threat actors like “@shinyenigma” and “@milleniumrat” on Telegram.
UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents
Advanced persistent threat (APT) group UAC-0063 is using legitimate documents obtained from infiltrated victims to target others with malware dubbed HATVIBE. The group, linked to
