#ValleyRAT – Xynik

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

August 16, 2024 by Xynik

August 16, 2024 at 08:21AM Chinese-speaking users are being targeted by an ongoing campaign distributing the multi-stage malware ValleyRAT, capable of remote control and executing various harmful actions on compromised workstations. The attackers utilize shellcode extensively and deploy arbitrary plugins. The malware’s distribution method remains unknown. The campaign emerges amid attempts to exploit an old … Read more

China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics

June 11, 2024 by Xynik

June 11, 2024 at 05:03AM Cybersecurity experts have discovered an updated version of malware called ValleyRAT with new capabilities, believed to originate from a China-based threat actor. The malware utilizes a multi-stage process and DLL side-loading to evade security solutions. Additionally, there’s a new phishing campaign targeting Spanish-speaking individuals with an updated keylogger and information … Read more