The Latest in IT Security

‘DarkWatchman’ RAT Shows Evolution in Fileless Malware

16
Dec
2021
‘DarkWatchman’ RAT Shows Evolution in Fileless Malware

image credit: freepik

A novel remote access trojan (RAT) being distributed via a Russian-language spear-phishing campaign is using unique manipulation of Windows Registry to evade most security detections, demonstrating a significant evolution in fileless malware techniques.

Dubbed DarkWatchman, the RAT – discovered by researchers at Prevailion’s Adversarial Counterintelligence Team (PACT) – uses the registry on Windows systems for nearly all temporary storage on a machine and thus never writes anything to disk. This allows it “to operate beneath or around the detection threshold of most security tools,” PACT researchers Matt Stafford and Sherman Smith wrote in a report published late Tuesday.

Read More

Comments are closed.

Categories

MONDAY, JANUARY 17, 2022
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments