ESET researchers have identified 12 Android espionage apps that share the same malicious code; six were available on Google Play. All the observed applications were advertised as messaging tools, apart from one that posed as a news app. In the background, these apps covertly execute remote access trojan (RAT) code
Infoblox has published a second threat report with critical updates on “Decoy Dog,” the remote access trojan (RAT) toolkit they discovered and disclosed in April 2023. The malware uses DNS to establish command and control (C2) and is suspected as a secret tool used in ongoing nation-state cyber attacks. The
ESET teamed up with Avast to research a constantly evolving remote access tool (RAT) with the usual backdoor functionality that ESET has dubbed Mikroceen, only to discover that it is being used in espionage attacks against government and business entities (from the telcos and gas industries) in Central Asia.