Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by...

#Malware #Windows

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets

VERWANDTEARTIKEL

Kali365 PhaaS Operation Expands Beyond Microsoft 365 to Target Okta and MAX Messenger

China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa

Hackers Abusing Microsoft Teams and Google Drive to Deploy Remote Access Malware

Chinese Cybercrime Group in Spotlight for Record Campaign Pace

Comodo Internet Security 0-Day Vulnerability Lets Attacker Crash the User’s Windows System

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS