KONNI: A Malware Under The Radar For Years
This blog was authored by Paul Rascagneres Executive Summary Talos has discovered an unknown Remote Administration Tool that we believe has been in use for over 3 years. During this time it has managed to avoid scrutiny by the security community. The current version of the mal
Introducing ROKRAT
This blog was authored by Warren Mercer and Paul Rascagneres with contributions from Matthew Molyett. Executive Summary A few weeks ago, Talos published research on a Korean MalDoc. As we previously discussed this actor is quick to cover their tracks and very quickly cleaned up
Go RAT, Go! AthenaGo points “TorWords” Portugal
This post was authored by Edmund Brumaghin with contributions from Angel Villegas Summary Talos is constantly monitoring the threat landscape in an effort to identify changes in the way attackers are attempting to target organizations around the world. We identified a unique m
Malware Meets SysAdmin - Automation Tools Gone Bad
This post was authored by Alex Chiu and Xabier Ugarte Pedrero. Talos recently spotted a targeted phishing attack with several unique characteristics that are not normally seen. While we monitor phishing campaigns used to distribute threats such as Dridex, Upatre, and Cryptowall,