Dtrack RAT's latest victim is Kudankulam Nuclear Power Plant (KKNPP). It is related to Lazarus Group which believe to be a North Korean state sponsor threat actor. The power plant had an unexpected shutdown on one of its reactors which sparks a controversy which now is confirmed after The Nuclear Power Corporation of India Limited (NPCIL) admission on claims of a malware attack on the Kudankulam Nuclear Power Plant (KKNPP) are true.
Casbaneiro, a banking trojan designed to deceive the victims, proposing the display of fake pop-up windows that try to convince the unfortunates to enter sensitive data in order to steal it and use it fraudulently.
FTCODE Ransomware encrypts user data using AES-256 (in CBC mode) + RSA-1024, and then requires a ransom of $500 to return the files. FTCODE ransomware mainly target Italian companies. It is spreading via email spam campaign which previously know to distribute JasperLoader and Gootkit.
Emissary Panda, which also goes by other identikits such as APT27, IronTiger, BronzeUnion, TG-3390, and LuckyMouse , is a decade old Chinese APT. It primarily targets aerospace, government, defense, technology, energy, and manufacturing sectors. Not much is know about the activities of this group.
cURL is generally know for accessing and downloading web pages or files form command line. However, there is another great feature that utilize cURL to test connectivity or access other TCP services running on other ports. A sample syntax for the command is as follows