APT reports

Expert: cross-platform Adwind RAT

Kaspersky Lab researcher Vitaly Kamluk gave a talk about the latest version of the cross-platform Adwind RAT. The remote access Trojan is unique in that it’s written in Java, giving this version — which is also known as Frutas, AlienSpy and JSocket — the flexibility to be used liberally in cybercrime operations as well as in targeted attacks. From Kaspersky Security Analyst Summit 2016 on Tenerife, Spain.

More information:

  1. Adwind FAQ
  2. Full report PDF

Expert: cross-platform Adwind RAT

Your email address will not be published. Required fields are marked *

 

Reports

Focus on DroxiDat/SystemBC

An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack.

APT trends report Q2 2023

This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.

Meet the GoldenJackal APT group. Don’t expect any howls

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

Subscribe to our weekly e-mails

The hottest research right in your inbox