Red Security
News Pro-Tibet groups targeted with ExileRAT in spy campaign




Pro-Tibet groups targeted with ExileRAT in spy campaign - Mad-Architect - 02-05-2019



    Pro-Tibetan groups are in the sights of a targeted malware campaign. Security researchers from Cisco Talos reported that this malware comes in the form of a PowerPoint doc that contains a RAT [Remote Access Trojan] that is capable of taking system and personal information from the computer and/or user thereof.


  The malware was using a specific vector of attack; it used a mailing list used by a Tibetan news outlet. Researchers were able to conclude that the attackers were altering the standard Reply-To header so that responses would be sent back to an email address controlled by the attackers.


  A connection was discovered by researchers between this incident and Lucky Cat, an Android- and Windows-based Trojan.


  This incident was concluded as an espionage run and not for financial gain. 

  Original article can be found here.


     That was the news, folks. Have a good week, and stay safe out there.


  --Mad-Architect
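
A mail-triage check for the Reply-To alteration described in the post, added here as an example (it is not from the original post or from the Talos report). The sample messages, the `.example` addresses and the `known_domains` allowlist parameter are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses

def header_domains(msg, name):
    """Lowercased domains of every address found in the named header."""
    pairs = getaddresses([str(v) for v in msg.get_all(name, [])])
    return {addr.rsplit("@", 1)[1].lower() for _, addr in pairs if "@" in addr}

def list_post_domains(msg):
    """Domains from RFC 2369 List-Post mailto: URLs, when the list sets them."""
    found = set()
    for value in msg.get_all("List-Post", []):
        hits = re.findall(r"mailto:[^@>\s]+@([^>?\s]+)", str(value))
        found.update(d.lower() for d in hits)
    return found

def suspicious_reply_to(raw_message, known_domains=()):
    """Return Reply-To domains that match neither the sender, the list
    posting address, nor the caller's allowlist (hypothetical parameter)."""
    msg = message_from_string(raw_message)
    expected = header_domains(msg, "From") | list_post_domains(msg)
    expected |= {d.lower() for d in known_domains}
    return sorted(header_domains(msg, "Reply-To") - expected)

# Constructed sample: replies stay inside the outlet's own domain.
CLEAN = """From: Newsletter <news@outlet.example>
Reply-To: editors@outlet.example
List-Post: <mailto:news@lists.outlet.example>
Subject: Weekly digest

body
"""

# Constructed sample: same visible sender, replies diverted elsewhere.
ALTERED = """From: Newsletter <news@outlet.example>
Reply-To: Newsletter <news@outlet-mail.example>
List-Post: <mailto:news@lists.outlet.example>
Subject: Weekly digest

body
"""

if __name__ == "__main__":
    for label, raw in (("clean", CLEAN), ("altered", ALTERED)):
        print(label, suspicious_reply_to(raw))
```

A domain mismatch is a triage signal, not a verdict: plenty of legitimate senders route replies through a different domain, so hits should be reviewed or allowlisted rather than blocked outright.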