New LuckyCat-Linked RAT Targets Users in Tibet

Login Register

SMTPMart - Buy Inbox SMTP | Leads | Shell | cPanel 100% Bonus on 1st deposit | Instant Refunds

ProxyByte $2/GB | Residential IPv4 - No Logs - 26M+ IPs - All unblocked

REFUNDING.GG | #1 REFUND SERVICE | SAME DAY REFUNDS | WORLDWIDE ORDERS | GET ITEMS 85% OFF

New Ownership - Policies and Changes Going Forward

Thread Rating:

0 Vote(s) - 0 Average

New LuckyCat-Linked RAT Targets Users in Tibet
Author Message

sunjester Offline

Offline

Developer

Registered (Silver)

Six Years of Service

Posts: 471

Threads: 149

Reputation: 24

Currency: 261 NSP

New LuckyCat-Linked RAT Targets Users in Tibet 02-07-2019, 03:16 PM #1

Quote:The document exploits CVE-2017-0199, an arbitrary code execution vulnerability in Office. The file also attempts to perform some geo-location lookups and contacts the command and control (C&C) server to receive a JavaScript script responsible for downloading the final payload.

https://www.securityweek.com/new-luckyca...sers-tibet

Reply

darkninja1980 Offline

Offline

Hacker

Registered (Diamond)

Six Years of Service

Posts: 2,973

Threads: 246

Reputation: 71

Currency: 284 NSP

Gold

Ageless

Bunny

Power Poster

Hoarder

Fireworks

Birthday

RE: New LuckyCat-Linked RAT Targets Users in Tibet 03-25-2019, 12:09 AM #2

the article looks very interesting to read.

My IT skills that I know perfect is SQL, HTML ,css ,wordpress, PHP.
coding skills that I know is Java, JavaScript and C#

Reply

Johnngnky Offline

Offline

Registered (Silver)

Registered (Silver)

Six Years of Service

Posts: 634

Threads: 39

Reputation: 36

Currency: 246 NSP

Birthday

RE: New LuckyCat-Linked RAT Targets Users in Tibet 03-25-2019, 03:05 AM #3

Users(including me) need to be more aware of macro enabled documents.

johnngnky#5687 BANNED - permed, appeal failed.

contact me exclusively using the below email.

contact@johnngnky.xyz

Reply

mothered Offline

Offline

Nevermind how, I will login

Registered (Diamond)

Twelve Years of Service

Posts: 72,627

Threads: 307

Reputation: 493

Currency: 50,359 NSP

Gold

Cookie

Turkey

Power Poster

Reputable

Legendary

Staff

Golden Staff

Loved

Hammer

RE: New LuckyCat-Linked RAT Targets Users in Tibet 03-25-2019, 03:17 AM #4

Quote:a JavaScript script responsible for downloading the final payload

Why am I not surprised that JavaScript Is part of the equation?

[Image: AD83g1A.png]

Reply

Users browsing this thread: 1 Guest(s)

Powered By MyBB, © Sinisterly

Sinisterly Contact Us Return to Top Lite (Archive) Mode RSS Syndication Awards Bans

Linear Mode Threaded Mode View a Printable Version