#valleyrat — Public Fediverse posts on home.social

(in)sicurezza digitale @[email protected] · 2026-05-10 · 10:07 UTC

Silver Fox lancia ABCDoor: spear phishing con loader Rust personalizzato contro India e Russia, nuova backdoor Python in campo

Il gruppo APT cinese Silver Fox ha condotto campagne di spear phishing a tema fiscale contro organizzazioni in India e Russia, distribuendo il backdoor ValleyRAT affiancato da un nuovo payload Python inedito denominato ABCDoor. Kaspersky ha documentato il malware e le tecniche di evasione del loader RustSL, incluso il geofencing per paese e la persistenza tramite Phantom Persistence.

https://insicurezzadigitale.com/silver-fox-lancia-abcdoor-spear-phishing-con-loader-rust-personalizzato-contro-india-e-russia-nuova-backdoor-python-in-campo/

#apt #backdoor #cina #infosec #malware #phishing

James_inthe_box @[email protected] · 2025-12-19 · 14:41 UTC

Some fresh (2025-12-18) #silverfox #valleyrat

https://app.any.run/tasks/5f8778b4-7a5a-42fc-b814-4951c356c274

#silverfox #valleyrat

MalwareAlias @[email protected] · 2025-11-20 · 07:20 UTC

Mentioned Malware Families: PseudoManuscrypt, ValleyRAT

Aliases for PseudoManuscrypt: win.pseudo_manuscrypt
Malpedia link for PseudoManuscrypt: https://malpedia.caad.fkie.fraunhofer.de/details/win.pseudo_manuscrypt
Aliases for ValleyRAT: win.valley_rat, Winos
Malpedia link for ValleyRAT: https://malpedia.caad.fkie.fraunhofer.de/details/win.valley_rat

#PseudoManuscrypt #ValleyRAT

Aliases provided by Malpedia.

#pseudomanuscrypt #valleyrat

Habr @[email protected] · 2025-11-01 · 13:52 UTC

Злоумышленники перенимают опыт коллег: что общего между SilverFox и APT41. Разбор атаки

Привет, Хабр! На связи Евгения Устинова, старший аналитик сетевой безопасности группы компаний «Гарда» . В статье хочу рассказать, как нам удалось связать инструментарий двух группировок через особенности реализации сетевых протоколов. Отследить эволюцию инструментов группировки SilverFox – например, ПО Winos – по отпечатку процедуры сетевой коммуникации оказалось довольно сложной задачей, поэтому я решила поделиться кейсом. Подключайтесь к расследованию

https://habr.com/ru/companies/garda/articles/962222/

#разбор_атаки #Winos #Silverfox #вредоносы #фишинг #ValleyRAT #apt41 #winnti

#winnti #apt41 #valleyrat #фишинг #вредоносы #silverfox

𝙽𝙴𝚃𝚁𝙴𝚂𝙴𝙲 @[email protected] · 2025-09-24 · 10:25 UTC

Gh0stKCP is a C2 transport protocol based on KCP. It has been used by #PseudoManuscrypt and #ValleyRAT.
https://netresec.com/?b=259a5af

#pseudomanuscrypt #valleyrat

NETRESEC - Network Forensics and Network Security Monitoring @[email protected] · 2025-09-24 · 09:40 UTC

Gh0stKCP Protocol

https://web.brid.gy/r/https://www.netresec.com/?page=Blog&month=2025-09&post=Gh0stKCP-Protocol

#gh0stkcp #ghost #kcp #pseudomanuscrypt #winos40 #winos

The Threat Codex @[email protected] · 2025-09-02 · 13:37 UTC

Chasing the Silver Fox: Cat & Mouse in Kernel Shadows
#SilverFox #ValleyRAT
https://research.checkpoint.com/2025/silver-fox-apt-vulnerable-drivers/

#silverfox #valleyrat

Hackread.com @[email protected] · 2025-09-02 · 09:37 UTC

⚠️ The #SilverFox APT is exploiting a Microsoft‑signed but vulnerable driver to disable Windows security on Win 10/11 and install #ValleyRAT malware.

Details: https://hackread.com/silver-fox-apt-exploit-signed-windows-driver-valleyrat/

#CyberSecurity #Malware #China #InfoSec #Windows

#silverfox #valleyrat #cybersecurity #malware #china #infosec

Freemind @[email protected] · 2023-09-20 · 19:27 UTC

While Gh0st RAT has been extensively used in various cyber campaigns linked to China over the years, the emergence of ValleyRAT suggests that it may see wider deployment in the future.

#Cybersecurity #Malware #Phishing #Trojan #Gh0stRAT #ValleyRAT

https://cybersec84.wordpress.com/2023/09/20/new-phishing-campaign-targets-chinese-users-with-valleyrat-and-gh0st-rat/

#cybersecurity #malware #phishing #trojan #gh0strat #valleyrat