🚨 #GravityRAT checks CPU temperature to detect sandboxes, steals WhatsApp backups, and targets Windows & Android.

🔒 Learn how this sophisticated threat evades detection and what you can do to protect your organization: https://any.run/malware-trends/gravityrat/?utm_source=mastodon&utm_medium=post&utm_campaign=gravityrat&utm_term=050126&utm_content=linktomtt

#infosec #cybersecurity

Top 10 last week's threats by uploads 🌐
⬆️ #Xworm 988 (549)
⬇️ #Quasar 323 (353)
⬆️ #Asyncrat 319 (244)
⬇️ #Vidar 278 (282)
⬆️ #Stealc 255 (220)
⬇️ #Lumma 190 (221)
⬆️ #Gravityrat 188 (46)
⬆️ #Salatstealer 174 (95)
⬇️ #Guloader 153 (197)
⬇️ #Smoke 138 (148)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=291225&utm_content=linktoregister#register

#cybersecurity #infosec

Top 10 last week's threats by uploads 🌐
⬆️ #Xworm 870 (854)
⬆️ #Asyncrat 415 (398)
⬆️ #Quasar 395 (329)
⬇️ #Vidar 318 (327)
⬇️ #Lumma 286 (322)
⬆️ #Remcos 273 (212)
⬇️ #Stealc 266 (296)
⬇️ #Gravityrat 241 (302)
⬆️ #Guloader 179 (172)
⬆️ #Smokeloader 155 (144)

Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=081225&utm_content=linktoregister#register

#cybersecurity #Infosec

Top 10 last week's threats by uploads 🌐
⬇️ #Xworm 854 (1042)
⬆️ #Asyncrat 398 (381)
⬇️ #Quasar 329 (413)
⬆️ #Vidar 327 (316)
⬇️ #Lumma 322 (370)
⬆️ #Gravityrat 302 (255)
⬆️ #Stealc 299 (251)
⬆️ #Mircop 288 (247)
⬇️ #Remcos 214 (248)
⬆️ #Guloader 172 (168)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=011225&utm_content=linktoregister#register

#Top10Malware

Operation Celestial Force employs mobile and desktop malware to target Indian entities
#GravityRAT #HeavyLift #CosmicLeopard
https://blog.talosintelligence.com/cosmic-leopard/

Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track as “HeavyLift.”

Cisco Talos Blog
⚠️ Researchers have discovered an updated version of the #GravityRAT spyware, which is being distributed through messaging apps, and that can delete files and target #WhatsApp backups.
https://alternativeto.net/news/2023/6/new-gravityrat-spyware-found-on-messaging-apps-targets-whatsapp-backups/
New GravityRAT spyware found on messaging apps targets WhatsApp backups

ESET researchers have uncovered an updated version of the Android-based GravityRAT spyware, which...

AlternativeTo
Updated Android spyware GravityRAT steals WhatsApp Backups

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files. ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico. MalwareHunterTeam researchers first shared the hash for […]

Security Affairs
GravityRAT Trojan for Windows now attacks Android and macOS

The GravityRAT remote access Trojan has become a multi-platform spyware tool.

GravityRAT Comes Back to Earth with Android, macOS Spyware

The espionage tool masquerades as legitimate applications and robs victims blind of their data.

Threatpost - English - Global - threatpost.com