NoGoolag
@NoGoolag
4.69K subscribers
19.9K photos
11.2K videos
785 files
20.1K links
Live free!

📡 @NoGoolag

FAQ:
http://t.me/NoGoolag/169

★Group:
https://t.me/joinchat/nMOOE4YJPDFhZjZk

📡 @Libreware

📚 @SaveAlexandria

📡 @BallMemes

FORWARDS ARE NOT ENDORSEMENTS

💯 % satire OSINT
Download Telegram
About
Blog
Apps
Platform
Join
NoGoolag
4.69K subscribers
NoGoolag
#heart #rat
475 views
NoGoolag
Android app breaking bad: From legitimate screen recording to file exfiltration within a year | WeLiveSecurity – 2023

The application’s specific malicious behavior, which involves extracting microphone recordings and stealing files with specific extensions, potentially indicates its involvement in an espionage campaign.

#AhRAT #RAT
WeLiveSecurity
Android app breaking bad: From legitimate screen recording to file exfiltration within a year
ESET research uncovers AhRat, a new Android RAT based on AhMyth that steals files and records audio and was distributed via an app in the Google Play Store.
696 viewsedited  
NoGoolag
Forwarded from Pegasus NSO & other spyware
Securonix Threat Labs Security Advisory: New MULTI#STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities Dropping Multiple RAT Payloads Using Security Analytics - Securonix – June 2023

An interesting phishing campaign was recently analyzed by the Securonix Threat Research Team. The attack kicks off when the user clicks on a heavily obfuscated JavaScript file contained in a password protected zip file. Some of the victims targeted by the MULTI#STORM campaign appear to be in the US and India.

The attack chain ends with the victim machine infected with multiple unique RAT (remote access trojan) malware instances, such as Warzone RAT and Quasar RAT. Both are used for command and control during different stages of the infection chain.

#RAT #MultiStorm #Trojan #JS #Python #malware #India #US
448 views
NoGoolag
Forwarded from Pegasus NSO & other spyware
Untangling Android/TangleBot. We dig in a malicious sample of… | Cryptax

We dig in a malicious sample of Android/TangleBot of May 2024. TangleBot is also reported as a BankBot, although it is more an Android RAT currently than a banking trojan. It is also known as Medusa, but I prefer not to use this name, as this confuses the Android malware with a Windows ransomware, or with the non-malicious and useful hacking tool Medusa.

An excellent analysis of TangleBot is available here. I invite you to read it to understand the history of TangleBot, how much the new versions have changed, who they target and what they do.

In this blog post, I will focus on something different: how to analyze the sample, and how it is implemented.

Via @androidmalware
#Android #RAT #TangleBot #BankBot
235 views