Fake Browser Updates delivering BitRAT and Lumma Stealer

Learn more about fake browser updates delivering BitRAT and Lumma Stealer malware and get security recommendations from our Threat Response Unit (TRU) to…

eSentire

Interesting #Phishing email lure leading to #BitRAT malware

email lure
-->
adskom[.]net/fhs2u&id=[EMAIL ADDRESS]
-->
onlines[.]life/srMH (fake document lure)
-->
cdn.discordapp[.]com/attachments/1214677087252643863/1223608639382618213/T9C_Document.docx.zip?ex=661a7959&is=66080459&hm=a0453313fc03b0219dc0549a0e45f5d5ae2ee079725a007cd65724ca88b169da& (zip download)
-->
T9C Document.docx.js
-->
hxxps://193[.]233.132.136/a/z.png (SHA256 4431712d10e9f14bcbd31dba91597782d4a4edafa88ca78eb5118ff7446f4566)
-->
hxxps://193.233.132.136/a/0x.png (powershell command)
-->
hxxps://193[.]233.132.136/a/a.png (drops BitRAT exe, UPX packed)

Link to a triage run by Petik from VT:
https://tria.ge/240319-znqxmafd24

Check this bitrat report malware sample 4431712d10e9f14bcbd31dba91597782d4a4edafa88ca78eb5118ff7446f4566, with a score of 10 out of 10.

Campaigns #Malware #Italy Week 38

☠️💣🔥

#AgentTesla: Bank Payment
#Brata - #SMSSpy: #APK Bank
#Ursnif: SMB Payments
#AveMaria - #AsyncRAT: Order
#Formbook: Supply
#ScreenConnect: Payment
#BitRAT - #RemcosRat: Document

#mwitaly

Campaigns #Malware #Italy Week 37

☠️ Persistent
#AgentTesla: Bank Payment
#Guloader: Registers

💣 Exceptional
#IcedID: Documents
#Vidar: Payments via PEC
#Ursnif: Invoice
#BitRat: Documents

#mwitaly

Hackers Using Stolen Bank Information to Trick Victims into Downloading BitRAT Malware
https://thehackernews.com/2023/01/hackers-using-stolen-bank-information.html #Cybercrime #Malware #Trojan #BitRAT #Phishing
BitRAT campaign relies on stolen sensitive bank data as a lure

Experts warn of a new malware campaign using sensitive information stolen from a bank as a lure to spread the remote access trojan BitRAT. Qualys experts spotted a new malware campaign spreading a remote access trojan called BitRAT using sensitive information stolen from a bank as a lure in phishing messages. BitRAT is a relatively new […]

Security Affairs

#Hackers Using Stolen Bank Information to Trick Victims into Downloading #BitRAT #Malware

"BitRAT, an off-the-shelf malware available on sale on underground forums for a mere $20, comes with a wide range of functionalities to steal data, harvest credentials, mine cryptocurrency, and download additional binaries.

"Commercial off the shelf RATs have been evolving their methodology to spread and infect their victims," Pradhan said. "They have also increased the usage of legitimate infrastructures to host their payloads and defenders need to account for it." "

https://thehackernews.com/2023/01/hackers-using-stolen-bank-information.html
