Skip to main content

A mysterious new Chinese malware strain is targeting large firms across the globe

A new malware strain called ValleyRAT is being deployed among large organizations around the world, researchers have warned.

Cybersecurity experts from Proofpoint published a report alleging that Chinese businesses on the mainland, but also other firms elsewhere, are being targeted by multiple new malware strains, possibly used by more than one new threat actor.

Among those is a new tool called ValleyRAT: “The campaigns distributing this malware were conducted in Chinese, and, following the trend of other Chinese malware campaigns, the majority used invoice themes related to various Chinese businesses,” the researchers said, stating that they saw multiple campaigns distributing this particular malware. 

RAT-infested emails

ValleyRAT was first spotted in March 2023, Proofpoint further stated, and while it's probably the most interesting one, it’s hardly the only variant being deployed. The researchers also spotted Sainbox (a variant of the infamous Gh0stRAT), as well as Purple Fox. With the latter, the attackers mostly went after Japanese targets:

“While historic activity aligns with what Proofpoint considers Chinese-themed, it is rarely observed in our threat data,” the researchers said when discussing Purple Fox. “Notably, one observed campaign used Japanese-language invoice themes targeting organizations in Japan to deliver zipped attachments that led to installation, while others used Chinese language invoice themed messages with URLs.”

So far, Proofpoint says it identified more than two dozen of these campaigns. In them, the attackers would impersonate major corporations and reach out to their employees via email, in an attempt to get them to download and run some of the abovementioned RATs. 

While the evidence seems inconclusive when it comes to the attackers’ identities, the researchers speculate that this could be the work of multiple groups, which most likely share valuable resources. They base these conclusions on the fact that “some activity clusters do overlap.”

The motives of the attackers are also unknown at this time.

More from TechRadar Pro



Comments

Post a Comment

Popular posts from this blog

The latest Apple TV 4K test lets you watch four sports streams at once

Apple is trying something new with the latest beta version of tvOS 16.5: the option to watch up to four simultaneous streams at once. Right now it's limited to live sports streamed through the Apple TV app on the Apple TV 4K , specifically MLB Friday Night Baseball and the MLS Season Pass. A multi-view option was spotted in the tvOS software last month, but the code was hidden and not enabled. MacRumors reported that the feature would be enabled this weekend, and beta testers have since been able to use it. As yet multi-view hasn't been officially announced by Apple, but it's expected that tvOS 16.5 is going to be pushed out in its final form within the next month or so. WWDC 2023 is around the corner as well, when we should be hearing about the next major updates for Apple's various operating systems – including tvOS 17. How it works Over at 9to5Mac there's a hands-on demonstrating how the multi-view feature works, and it's pretty much as you would expe...
Post a Comment
Read more

Garmin's new radar-equipped tail light will keep you safe on your e-bike

Garmin's Varia bike radars are some of the most popular pieces of cycling tech around – and now the company has delivered its first rearview radar to have been specially designed for some of the best e-Bikes .   Garmin's Varia range mounts to the back of your bike and broadcasts a radar signal behind you, so you can get visual and audible alerts when something's overtaking you. Even better, the new Varia eRTL615 plugs directly into most e-bikes, with no battery required. Because the catchily-named Varia eRTL615 is also a tail light, it'll also make sure you're visible to other vehicles too, promising to emit a flashing or solid light that's visible from up to a mile away in daylight. To connect Garmin's new radar tail light to your e-bike, you'll need to pick the right Garmin adapter cable (which isn't included). You can buy power cables compatible with Bosch, Shimano, or USB-A terminals or connections, with more info on those available on Garmin...
Post a Comment
Read more

Revolution Software is using their own AI technology to remake Broken Sword

TechRadar Gaming is reporting live from Gamescom 2023 on the latest and greatest developments in gaming and hardware. Revolution Software announced at Gamescom 2023 that Broken Sword would be coming back, with Broken Sword - The Shadow of the Templars getting a full remake while a sixth title in the series is coming in the future too, under the title Broken Sword - Parzival’s Stone .  Speaking to TRG ahead of the announcement, Cecil talked about the studio’s plans for a Broken Sword remake and the sixth title in the series. Cecil is a larger-than-life character, who is able to talk about the studio’s plans with enthusiasm. It even carries a pocketful of stones to illustrate the plans for Parzival’s Stone , but he also talks about how Broken Sword - The Shadow of the Templars would be using AI to upscale.  Cecil wasn’t shy about the studio’s use of AI technology, but he gave a fairly robust explanation of why the game was using it. The AI technology will be used to upda...
Post a Comment
Read more