ValleyRAT
Also known as: Winos
Last 7 days
No activity observed in the last 7 days.
Further Reading
New “CleverSoar” Installer Targets Chinese and Vietnamese Users | Rapid7 Blog
In early November, Rapid7 Labs identified a new, highly evasive malware installer, 'CleverSoar,' targeting Chinese and Vietnamese-speaking victims.
rapid7.com
莫步40亿数据泄漏事件后尘!针对金融、证券业攻击活动预警
本次攻击在溯源视角下呈现出通过微信等即时通讯途径投递的特点,且针对行业集中在证券、金融领域,该团伙的恶意样本最早于2021年5月活跃。
secrss.com
Botnet C&C | Botnet Threat Update January to June 2025 | Report
spamhaus.org
Botnet C&C | Botnet Threat Update July to December 2025 | Report
spamhaus.org
Behind the Great Wall: Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 C&C Framework
We recently discovered a new threat actor group that we dubbed Void Arachne. This group targets Chinese-speaking users with malicious Windows Installer (MSI) files in a recent campaign. These MSI f...
trendmicro.com
New Updates to ValleyRAT | ThreatLabz
Technical analysis of a new ValleyRAT campaign | New updates include device fingerprinting and desktop screen capturing
zscaler.com