New Adwind RAT Variant Used Against the US Petroleum Sector

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,172
Content source
https://www.bleepingcomputer.com/news/security/new-adwind-rat-variant-used-against-the-us-petroleum-sector/
US petroleum industry entities are targeted by attackers with a new Adwind Remote Access Trojan (RAT) variant featuring multi-layer obfuscation and delivered via a malspam campaign designed to infect targets through malicious attachments or URL redirections to payloads.

Adwind (aka jRAT, AlienSpy, JSocket, and Sockrat) is a cross-platform (i.e., Windows, Linux, macOS) RAT provided by its developers to various threat actors under a malware-as-a-service (MaaS) model.

While the RAT can avoid being detected by some anti-malware solutions, behavior- and sandbox-based antivirus software should be capable of identifying and block it successfully.

"The majority of these campaigns are delivered through phishing emails. During our analysis of the campaign, we could not obtain the email samples; we could only retrieve the JAR malware samples," Netskope information security researcher Abhinav Singh told BleepingComputer.
Click to expand...
www.bleepingcomputer.com

New Adwind RAT Variant Used Against the US Petroleum Sector

US petroleum industry entities are targeted by attackers with a new Adwind Remote Access Trojan (RAT) variant featuring multi-layer obfuscation and delivered via a malspam campaign designed to infect targets through malicious attachments or URL redirections to payloads.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • +Reputation
Reactions: oldschool, Andy Ful, upnorth and 5 others
You must log in or register to reply here.

Similar threads

silversurfer
    • +Reputation
    • Like
Malware News New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion
Replies
0
Views
1,124
Security News
silversurfer
silversurfer
vtqhtr413
    • +Reputation
    • Like
Stealthy Malware Spreading Remcos RAT and Formbook in Europe
Replies
0
Views
906
News Archive
vtqhtr413
vtqhtr413
[correlate]
    • Like
    • +Reputation
A cascade of compromise: unveiling Lazarus’ new campaign
Replies
0
Views
696
News Archive
[correlate]
[correlate]

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top