This is not going to be a tutorial on how to build your own malware laboratory but an overview about mine and what issues I stumbled upon while researching and configuring it. It was not an easy journey, I failed, swore a lot and overall, it took me nearly 2…
At time of writing, Abaddon might be the first RAT using Discord as a C2 to carry out attacks and execute commands on infected machines. While this might not be a big threat to companies (assuming that you already blacklisted any discord domains since it doesn’t make any sense…
Managed Defense analysts were the first one to analyse a variant of Quasar RAT specific to threat group APT10 (Red Apollo), a Chinese cyber-espionage group. Quasar RAT is a publicly available remote access trojan that is a fully functional .NET backdoor and freely available on Github. Some of the malware’…
Agent Telsa is a spyware, keylogger and information stealer Trojan written in C# that has been active since 2014 as a MaaS (Malware as a Service). Commonly distributed via emails, the attacker intends to lure the victim into opening the attachment. Once macros have been enabled, the malware will simply…