rat (4)

 

8051471253?profile=RESIZE_400xNYANxCAT is a prolific hacker who programs new pieces and versions of malware, shares it widely, and records blackhat hacker educational YouTube videos which has over 150,000 views.  He uses GitHub repository, sells his hacker tools and services using PayPal and Bitcoin.  In this report, we discuss some of the samples of NYANXCat malware, his business models, and possible Kuwaiti identity.

(Figure 1. NYANxCAT GitHub logo)

 

NYANxCAT Hacker Profile

Name:         possible name: Hmoud [Hu

7622802499?profile=RESIZE_400x

Hackers are using a phishing campaign to deploy KONNI malware, a remote access trojan (RAT), via Microsoft Word documents containing malicious Visual Basic Application (VBA) macro code, according to a recent Department of Homeland Security (DHS) Cybersecurity and Infrastructure alert (CISA). 

First observed in 2014, the malware was linked to several campaigns tied to North Korea. There are also significant links in code with the NOKKI malware family and researchers possess some evidence that link

7328954885?profile=RESIZE_400xThree US agencies published a joint warning alert for private companies about new versions of Taidoor, a malware family previously associated with Chinese state-sponsored hackers.

The alert is from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (DHS CISA), the Department of Defense's Cyber Command (CyberCom), and the Federal Bureau of Investigations (FBI).  The three US government agencies report they have observed Taidoor being used in new attacks.  The n

6710390901?profile=RESIZE_400xThe electric grid is so important to any country’s national security and thus the high importance of keeping the electricity flowing.  Even an outage of only a few minutes can wreak havoc on any residence or business.  Cyber attackers responsible for distributing LookBack malware are targeting US utility providers with a new threat called “FlowCloud.”  The FlowCloud modular remote-access trojan (RAT) has similarities and connections to the LookBack malware.  The LookBack at its core is a remote