macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users

August 27, 2024 at 12:33PM

Users of Chinese instant messaging apps are being targeted by HZ RAT, a backdoor for Apple macOS that replicates the Windows version. Distributed via RTF documents and software installers, it connects to a C2 server for instructions, likely for credential harvesting and reconnaissance. A recent sample impersonates OpenVPN and collects user data, with most C2 servers …

Russian Government Software Backdoored to Deploy Konni RAT Malware

February 22, 2024 at 05:51AM

An installer of the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been found to deliver a remote access trojan called Konni RAT, likely originating from North Korean actors targeting Russia. The trojanized installer is intended for internal use within the MID and has been linked to other espionage …