Malware & Ransomware · HIGH

VOID#GEIST Malware Unleashes Trio of Dangerous RATs

The Hacker News · Yesterday, 2:33 PM
VOID#GEIST · XWorm · AsyncRAT · Xeno RAT

Basically, a new malware called VOID#GEIST is spreading dangerous software that lets hackers control your computer.

Quick Summary

A new malware campaign named VOID#GEIST is delivering dangerous RATs like XWorm and AsyncRAT. This affects anyone using a computer, as hackers can gain control and steal sensitive data. Stay vigilant and update your security measures to protect yourself.

What Happened

A new wave of malware has emerged, and it's called VOID#GEIST. This multi-stage cyberattack is particularly concerning because it uses batch scripts to deliver a trio of remote access trojans (RATs): XWorm, AsyncRAT, and Xeno RAT. These RATs allow attackers to gain control of infected systems, making this a serious threat to both individuals and organizations.

The VOID#GEIST campaign was uncovered by researchers at Securonix Threat Research. They found that the malware operates in stages, with an initial batch script that deploys the second-stage payloads. This layered approach makes it harder for traditional security measures to detect and block the malware, increasing the risk of widespread infection.

The stealthy nature of this attack makes it particularly dangerous. Users may unknowingly download the malware, believing they are opening harmless files. Once activated, the RATs can steal sensitive information, monitor user activity, and even take control of the machine remotely.

Why Should You Care

This isn't just a problem for tech experts; it affects you directly. If your device gets infected, hackers could access your personal files, bank details, and passwords. Imagine leaving your front door unlocked while you sleep — that’s what it feels like when your computer is compromised.

The key takeaway here is that vigilance is crucial. You might think, "It won't happen to me," but malware like VOID#GEIST can spread quickly and silently. If you use your computer for online banking, shopping, or even just browsing, you need to be aware of these threats.

What's Being Done

Cybersecurity experts are actively monitoring the VOID#GEIST campaign. They are working on identifying the specific vulnerabilities that the malware exploits and developing patches to protect against it. Here’s what you can do right now to safeguard your devices:

  • Update your antivirus software to the latest version.
  • Be cautious with email attachments and downloads from unknown sources.
  • Regularly back up your data to minimize damage in case of an infection.

Experts are keeping a close eye on how this campaign evolves and are particularly interested in any new RATs that may be introduced in the future. Staying informed is your best defense against these types of attacks.

🔒 Pro insight: The multi-stage approach of VOID#GEIST mirrors advanced persistent threat tactics, indicating a sophisticated actor behind the campaign.

Original article from The Hacker News
