Geeks for your information News Privacy & Security News v
AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
AirNaine Uses New ARS RAT Strain Named ZeroEvil Against Canadian Businesses
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
05 October 18, 17:23
Quote:Blueliv Labs team detected a new data stealer malware named ZeroEvil developed by the same developer who created the remote access Trojan (RAT) ARS Loader and used in a malware campaign by the AirNaine actor (known as TA545 by Proofpoint).

The ARS Loader RAT evolved since 2017, with its developer continuously expanding its capabilities, adding PowerShell download and execution, screenshot exfiltration, monitoring, persistence on the infected system, and Edge passwords theft.

The new strain observed by the Blueliv Labs team was first detected in mid-September when malware samples with the same activity patterns as ARS Loader but with enough differences in the malicious code to deserve some extra attention.

Source: https://news.softpedia.com/news/airnaine...3078.shtml
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
uBOLite 2026.529.1448 (already available...
uBOLite 2026.529.1...harlan4096 — 08:05
Microsoft Edge 148.0.3967.96
Version 148.0.3967...harlan4096 — 08:02
Brave 1.90.128 (Chromium 148.0.7778.217)
Release v1.90.128 ...harlan4096 — 08:01
Don’t let fake IPTV apps ruin your World...
We break down how ...harlan4096 — 07:59
Microsoft Rolls Out A New Update With Lo...
Microsoft has star...harlan4096 — 07:58

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>