Lmst
Login

#XWormRAT

Hackread.comHackread@mstdn.social
2025-01-24

🚨 Hackers target script kiddies with a Trojanized XWorm RAT builder, compromising 18,000+ devices! Sensitive data stolen via Telegram-based C&C.

Read: hackread.com/hackers-script-ki

#CyberSecurity #Malware #XWormRAT #CyberAttack

MalwareLabmalwarelab_eu@infosec.exchange
2024-03-23

Recent #stegocampaign delivering #XWorm RAT #malware samples.
Quick review of #sandbox analysis reports reveal simple, yet interesting infection chain. It contains #VisualBasic script, #PowerShell scripts, picture with Base64-encoded executable and the #xwormrat itself. Those payloads have been downloaded from online hosting services such as #Pastebin and #Firebase.

My new article with #IOC and analysis malwarelab.eu/posts/stego-xwor

#steganography #Steganoanalysis #anyrun #malwareanalysis #obfuscation #cyberchef

Execution of VBS script from stegocampaign leading to XWorm RATPowerShell command to download steganography imagesDownloaded steganography image with embedded portable executableExtracting and decoding Portable Executable file from steganography image with CyberChef
Marcel SIneM(S)USsimsus@social.tchncs.de
2023-04-27

#XWormRAT: Avira-Sicherheitsexperten warnen vor #Malware | heise online heise.de/news/XWorm-RAT-Avira-

Scripter :verified_flashing:scripter@social.tchncs.de
2023-04-26

XWorm RAT: Avira-Sicherheitsexperten warnen vor Malware | heise online
heise.de/news/XWorm-RAT-Avira- #Cybercrime #Malware #XWormRAT #XWorm

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst