"China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics"
Researchers have discovered a new campaign spreading an updated version of the "ValleyRAT" malware. According to Zscaler ThreatLabz, the latest version includes screenshot capturing, process filtering, Windows event log clearing, and more. In 2023, QiAnXin and Proofpoint documented ValleyRAT's use in a phishing campaign targeting Chinese-speaking users and Japanese organizations that distributed "Purple Fox" and "Sainbox RAT," a variant of the "Gh0st" Remote Access Trojan (RAT) Trojan. This article continues to discuss findings regarding the China-linked ValleyRAT malware.
THN reports "China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics"
Submitted by grigby1
Submitted by grigby1 CPVI
on