silversurfer
Read more below:

Multiple malicious campaigns actively targeting government and financial entities around the world have been spotted while backdooring their victims' computers using Revenge and Orcus Remote Access Trojans (RAT).
All these separate campaigns are linked together by several unique tactics, techniques, and procedures (TTPs) including but not limited to command and control (C2) infrastructure obfuscation, analysis evasion, and persistence techniques leveraged by fileless malware strains.
As the Cisco Talos researchers who made this discovery further found, a threat actor has been using Revenge RAT and Orcus RAT payloads as part of ongoing "malware distribution campaigns targeting organizations including government entities, financial services organizations, information technology service providers and consultancies."
Attackers Target Govt and Financial Orgs With Orcus, Revenge RATs
www.bleepingcomputer.com
RAT Ratatouille: Backdooring PCs with leaked RATs
Executive summary Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the world. The source code associated with...
blog.talosintelligence.com