A threat actor was discovered mimicking legitimate websites to host and deliver the 9002 RAT, also known as Aurora, Hydraq, and McRat.
Binary padding, system checks, and obfuscation were used in an attempt to evade antivirus software detection.
The malicious software exfiltrates a range of data including system information and data from web browsers, crypto wallets, and certain user directories.
Aurora Stealer Leverages Shapeshifting Tactics And Popular Applications To Target Users
+1
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Login
CUSTOMER / CYMULATE EMPLOYEE LOGINor
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.