Libyan Oil Refinery Hit in Long-Running Espionage Campaign Using AsyncRAT
https://cybersecuritynews.com/libyan-oil-refinery-hit-in-long-running-espionage/
#Infosec #Security #Cybersecurity #CeptBiro #LibyanOilRefinery #EspionageCampaign #AsyncRAT
Libyan Oil Refinery Among Targets in Long-running Likely Espionage Campaign
A series of attacks targeting Libyan organizations, including an oil refinery, a telecoms organization, and a state institution, occurred between November 2025 and February 2026. The campaign utilized the AsyncRAT backdoor, delivered through spear-phishing emails with Libya-themed lure documents. The attackers exploited current events, such as the assassination of Saif al-Gaddafi, to gain access to networks. The modular nature of AsyncRAT and the targeted organizations suggest possible state sponsorship. The campaign's focus on Libya and its oil industry is notable, given the country's increased oil production and global energy supply concerns amidst Middle East conflicts.
Pulse ID: 69bdb8e4c95a097d1f31606a
Pulse Link: https://otx.alienvault.com/pulse/69bdb8e4c95a097d1f31606a
Pulse Author: AlienVault
Created: 2026-03-20 21:15:16
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AsyncRAT #BackDoor #CyberSecurity #Email #Espionage #InfoSec #MiddleEast #OTX #OpenThreatExchange #Phishing #RAT #SpearPhishing #Telecom #bot #AlienVault
Top 10 last week's threats by uploads 🌐
⬆️ #Asyncrat 782 (533)
⬆️ #Xworm 431 (350)
⬆️ #Dcrat 427 (268)
⬆️ #Stealc 403 (215)
⬆️ #Vidar 351 (249)
⬆️ #Agenttesla 309 (241)
⬆️ #Gh0st 281 (143)
⬆️ #Remcos 270 (193)
⬆️ #Quasar 187 (158)
⬇️ #Salatstealer 181 (189)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=160326&utm_content=linktoregister#register
VOID#GEIST Malware Delivers Multiple RATs through Multi-Stage Attack CTIA
VOID#GEIST is actively targeting Windows systems using phishing emails and malicious scripts. It installs remote access trojans such as XWorm, AsyncRAT and Xeno RAT to allow attackers to control infected computers.
Pulse ID: 69ab76815510954864898d9c
Pulse Link: https://otx.alienvault.com/pulse/69ab76815510954864898d9c
Pulse Author: cryptocti
Created: 2026-03-07 00:51:13
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AsyncRAT #CyberSecurity #Email #InfoSec #Malware #OTX #OpenThreatExchange #Phishing #RAT #RemoteAccessTrojan #Trojan #Windows #Worm #XWorm #XenoRAT #bot #cryptocti
According to a technical blog post signed "Kirk" (28 February 2026), an active campaign is abusing archive.org as a distribution platform by hiding .NET injectors inside 4K JPEG images via steganography, in order to deliver the Remcos 7.1.0 Pro and AsyncRAT 1.0.7 RATs in parallel. — Context and steganography technique 🧪 — The images (3840x2160) contain a base64 block of a .NET DLL placed after the JPEG EOF marker (FF D9) at offset 1,390,750, framed by markers that evolved from BaseStart/-BaseEnd (24 Feb) to IN-/==-in1 (25–28 Feb). A PowerShell dropper downloads the image (WebClient.DownloadData), extracts the block with a regex, then loads the assembly in memory ([Reflection.Assembly]::Load). The injected DLLs masquerade as Microsoft.Win32.TaskScheduler.dll and embed the Mandark injector (RunPE), with increasing hardening (ConfuserEx, encrypted resources, RSA-1024, obfuscation).
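As an added example (not code from Kirk's write-up or from the campaign itself), here is a Python triage script that turns the layout described above into a defensive check: it isolates whatever follows a JPEG's last EOI marker (FF D9), searches that tail for the two marker pairs the post names, decodes the base64 block and checks whether the result carries a plausible MZ/PE header. The marker strings come from the post; reading the first string of each pair as the opening marker and the second as the closing one is an assumption, and the minimal JPEG skeleton and MZ/PE stub used as sample input are constructed here so the script runs offline.

```python
"""Triage helper: does a JPEG carry a marker-framed base64 payload after EOI?

Added example for the campaign described above; not code from the write-up.
"""
import base64
import binascii
import re
import struct

JPEG_SOI = b"\xff\xd8"
JPEG_EOI = b"\xff\xd9"

# Marker pairs (start, end) named in the write-up. Treating the first string as
# the opening marker and the second as the closing one is an assumption.
MARKER_PAIRS = [(b"BaseStart", b"-BaseEnd"), (b"IN-", b"==-in1")]


def trailing_data(blob: bytes) -> bytes:
    """Return whatever follows the last EOI marker (empty for a clean JPEG).

    rfind() is used on purpose: embedded EXIF thumbnails carry their own
    FF D9, so the last one is the real end of the image stream.
    """
    if not blob.startswith(JPEG_SOI):
        raise ValueError("not a JPEG: missing SOI marker")
    eoi = blob.rfind(JPEG_EOI)
    if eoi < 0:
        raise ValueError("no EOI marker found")
    return blob[eoi + len(JPEG_EOI):]


def extract_payload(trailing: bytes):
    """Find a marker-framed base64 block in the tail and decode it.

    Returns (start_marker, decoded_bytes) or None. Whitespace inside the
    block is tolerated because droppers commonly line-wrap the base64.
    """
    for start, end in MARKER_PAIRS:
        pattern = re.escape(start) + rb"([A-Za-z0-9+/=\r\n]+?)" + re.escape(end)
        match = re.search(pattern, trailing)
        if not match:
            continue
        b64 = re.sub(rb"\s+", b"", match.group(1))
        try:
            return start, base64.b64decode(b64, validate=True)
        except binascii.Error:
            continue
    return None


def looks_like_pe(data: bytes) -> bool:
    """Cheap PE sanity check: MZ stub plus an e_lfanew that points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def triage(blob: bytes) -> dict:
    """Summarise what a scanner would report for one image."""
    trailing = trailing_data(blob)
    result = {"trailing_bytes": len(trailing), "marker": None,
              "payload_len": 0, "is_pe": False}
    found = extract_payload(trailing)
    if found:
        marker, payload = found
        result.update(marker=marker, payload_len=len(payload),
                      is_pe=looks_like_pe(payload))
    return result


# ---- constructed sample input (no real malware involved) -------------------

def fake_pe() -> bytes:
    """Minimal MZ/PE stub (192 bytes) so looks_like_pe() has something to validate."""
    hdr = bytearray(0x80)
    hdr[:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)   # e_lfanew -> offset 0x40
    hdr[0x40:0x44] = b"PE\0\0"
    return bytes(hdr) + b"\x00" * 64


def build_sample(start: bytes, end: bytes, payload: bytes) -> bytes:
    """Tiny JPEG skeleton (SOI + JFIF APP0 + EOI) with a framed, line-wrapped
    base64 payload appended after EOI, mimicking the described layout."""
    app0 = b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    b64 = base64.b64encode(payload)
    wrapped = b"\r\n".join(b64[i:i + 76] for i in range(0, len(b64), 76))
    return JPEG_SOI + app0 + JPEG_EOI + start + wrapped + end


if __name__ == "__main__":
    for start, end in MARKER_PAIRS:
        print(start, triage(build_sample(start, end, fake_pe())))
    print(b"clean", triage(JPEG_SOI + JPEG_EOI))
```

Run against a directory of downloaded images, `trailing_bytes` alone is a useful first-pass signal (a normal JPEG ends at EOI); the marker search and PE check then separate this campaign's layout from benign trailers such as camera metadata. Because the post notes the markers changed within days, keep MARKER_PAIRS easy to extend rather than hard-coding one pattern.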
Top 10 last week's threats by uploads 🌐
⬆️ #Xworm 476 (303)
⬆️ #Asyncrat 472 (363)
⬇️ #Dcrat 452 (527)
⬆️ #Vidar 227 (174)
⬆️ #Stealc 212 (176)
⬇️ #Remcos 208 (262)
⬇️ #Salatstealer 183 (219)
⬇️ #Agenttesla 157 (247)
⬇️ #Quasar 156 (192)
⬇️ #Gh0st 155 (161)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=020326&utm_content=linktoregister#register
Top 10 last week's threats by uploads 🌐
⬆️ #Dcrat 527 (429)
⬇️ #Asyncrat 364 (432)
⬇️ #Xworm 303 (370)
⬆️ #Remcos 268 (250)
⬇️ #Agenttesla 247 (523)
⬆️ #Salatstealer 219 (215)
⬇️ #Quasar 192 (212)
⬇️ #Stealc 176 (258)
⬇️ #Vidar 174 (256)
⬆️ #Lumma 172 (154)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=230226&utm_content=linktoregister#register
Top 10 last week's threats by uploads 🌐
⬇️ #Agenttesla 523 (548)
⬇️ #Asyncrat 432 (435)
⬆️ #Dcrat 429 (379)
⬆️ #Xworm 370 (366)
⬇️ #Stealc 258 (360)
⬇️ #Vidar 256 (345)
⬆️ #Remcos 254 (232)
⬆️ #Worm 250 (121)
⬆️ #Reverseloader 224 (167)
⬆️ #Quasar 212 (200)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=160226&utm_content=linktoregister#register