In our previous post, we reported about new breed of Remote Access Tool (RAT) called PlugX, which was used in targeted attacks using Poison Ivy. At first glance, this RAT appears to be a simple tool with limited remote access capabilities. However, further analysis of PlugX reveals that it might be keeping more tricks up…
Read MoreEarlier this year, a new breed of Remote Access Tool (RAT) called Plugx (also known as Korplug) surfaced in the wild. PlugX, reportedly used on limited targeted attacks, is an example of custom-made RATs developed specifically for such attacks. The idea behind using this new tool is simple: less recognition and more elusiveness from security…
Read MoreThe security community has been focused on the new Java zero-day exploits that appear to have been taken from a Chinese exploit pack (known as Gondad or KaiXin) used in targeted attacks by the “Nitro” cyber-espionage campaign and then incorporated into criminal operations using the BlackHole Exploit Kit. While the connections between these developments are…
Read More