New Remcos RAT Variant is Spreading by Exploiting CVE-2017-11882

May 4, 2018

Several days ago, FortiGuard Labs captured a malware sample that was exploiting the Microsoft Office vulnerability CVE-2017-11882 patched by Microsoft last November. The sample is an RTF document with an Equation object. By analyzing its behavior in my test environment, I realized that it spreads a new variant of Remcos RAT, version “2.0.4 Pro,” that was released on April 7, 2018 from its official website. It is able to control the victim’s PC after infection.

Read more...

Previous Article
GandCrab V3 Accidentally Locks Systems with New ‘Change Wallpaper’ Feature
GandCrab V3 Accidentally Locks Systems with New ‘Change Wallpaper’ Feature

GandCrab is one of the most talked about ransomware families this year primarily due to its increasing dist...

Next Article
Yet Another Crypto Mining Botnet?
Yet Another Crypto Mining Botnet?

In February 2018, several Russian nuclear scientists were arrested for allegedly mining cryptocurrencies us...