AsyncRAT Archives - Bulwark Black LLC

Storm-2561 Weaponizes SEO Poisoning to Deploy Trojanized VPN Clients and Steal Enterprise Credentials

acint1 month ago03 mins

Microsoft Defender Experts have uncovered a sophisticated credential theft campaign orchestrated by the financially motivated threat actor Storm-2561. The campaign exploits search engine optimization (SEO) poisoning to redirect enterprise users searching for legitimate VPN software to malicious websites that distribute trojanized VPN clients. How the Attack Works Active since May 2025, Storm-2561 targets users searching…

Malware

Android Malware Campaign Abuses Hugging Face AI Platform to Distribute RAT

acint3 months ago3 months ago02 mins

Threat actors are abusing the Hugging Face AI platform to host Android malware, using server-side polymorphism to generate thousands of RAT variants every 15 minutes.

AsyncRAT loader: Obfuscation, DGAs, decoys and Govno

bulwarkblack2 years ago2 years ago01 mins

Read Article Executive summary AT&T Alien Labs has identified a campaign to deliver AsyncRAT onto unsuspecting victim systems. During at least 11 months, this threat actor has been working on delivering the RAT through an initial JavaScript file, embedded in a phishing page. After more than 300 samples and over 100 domains later, the threat…

Thumb

Name

Size

Date

IOCs_YARA_TTPs_Posted_Articles/ IOCs_YARA_TTPs_Posted_Articles

IOCs_YARA_TTPs_Posted_Articles

Open 99.71 KB 2024-01-12 January 12, 2024 2024-03-22 March 22, 2024

21 Items
99.71 KB

March 22, 2024

6291fc182b