Millennium RAT Rewritten in C++, Infects 62,000 Devices in 160 Countries
Group-IB tracks Y2K Operators distributing upgraded Millennium RAT through game cheats and cracked software. Telegram serves as C2 channel.
7 articles tagged with "Maas"
Group-IB tracks Y2K Operators distributing upgraded Millennium RAT through game cheats and cracked software. Telegram serves as C2 channel.
BlackFog researchers detail OnyxC2 MaaS stealer pricing at $250/month. Targets browsers, crypto wallets, password managers with DLL sideloading delivery that bypasses VirusTotal detection.
New MaaS stealer ships encrypted browser data to attacker infrastructure for decryption, bypassing endpoint detection. Session hijacking with geo-matched proxies defeats MFA.
REMUS, a 64-bit Lumma Stealer successor, now offers session theft, EtherHiding blockchain C2, and full MaaS infrastructure targeting browser credentials and auth tokens.
New Storm infostealer bypasses Chrome's App-Bound Encryption by shipping encrypted credentials to attacker infrastructure for decryption. Endpoint tools can't detect it.
Kaspersky exposes Arkanix Stealer, a Python and C++ infostealer likely built with LLM assistance. After two months of targeting crypto wallets and VPNs, the operation vanished.
New $150/month malware platform allows attackers to create weaponized versions of legitimate Android apps while maintaining full functionality.