Winos 4.0 Malware Expands Targets with HoldingHands RAT

The threat actors behind Winos 4.0 malware have expanded their targeting to include new regions, utilizing phishing emails with embedded malicious links in PDFs. These attacks deliver the HoldingHands RAT, which is capable of capturing sensitive information and executing arbitrary commands. The malware is distributed through fake websites and SEO poisoning, and is linked to an aggressive cybercrime group. Recent campaigns have used taxation-themed documents and fake landing pages to deceive recipients into downloading the malware.

Latest mentioned: 10-18

Earliest mentioned: 10-16

Sources

securityonline.info thehackernews.com gbhackers.com

Also Read

Cyber-Espionage Campaign Targets Linux Systems with New RAT

A cyber-espionage campaign targeting government entities running Linux systems has been uncovered. The campaign, attributed to the group TransparentTribe, involves a new remote access tool called DeskRAT. Researchers found that phishing emails were used to deliver malicious ZIP archives containing deceptive documents. The campaign used dedicated staging servers to distribute malware, which executed a Bash command sequence to download and run a binary payload. DeskRAT is capable of establishing command-and-control communications, uploading and executing files remotely, and maintaining persistence through multiple Linux-specific techniques.

10-23Read more →