Threats Tagged 'hvnc'
View all threats tagged with 'hvnc'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'hvnc'
Click on any threat for detailed analysis and mitigation recommendations
SilabRAT, What's Your Power? 0 SilabRAT is an advanced Remote Access Trojan offered as Malware-as-a-Service on Darkweb forums since late 2025, developed by threat actor o1oo1 and sold for $5,000 monthly. This financially-motivated tool focuses on credential theft and cryptocurrency operations, featuring Hidden Virtual Network Computing for invisible remote control, browser profile cloning to bypass session protections, and automated cryptocurrency wallet password cracking. The RAT bypasses Chrome App-Bound Encryption, performs session hijacking, and includes keylogging, clipboard monitoring, and remote desktop capabilities. Distributed through phishing and ClickFix campaigns with operator-hosted infrastructure, SilabRAT uses ChaCha20-Poly1305 encryption for command-and-control communications. The developer also offers AsmCrypt, a companion crypter service, creating a complete malware bundle from evasion to execution and remote control. Join the discussion | AlienVault OTX General | 06/10/2026, 11:58:30 UTC Added: 06/10/2026, 13:50:24 UTC |
CrySome RAT : An Advanced Persistent .NET Remote Access Trojan 0 CrySome is a sophisticated .NET-based remote access trojan designed for persistent command-and-control operations. It features advanced persistence mechanisms, including recovery partition abuse and offline registry modification, allowing it to survive system resets. The malware incorporates an aggressive defense evasion module, disabling security products and blocking updates. Key capabilities include command execution, file operations, surveillance, credential theft, and hidden virtual desktop control. CrySome's modular architecture and structured packet-based protocol enable a wide range of remote operations. Its emphasis on stealth, resilience, and comprehensive system control makes it a significant threat for long-term covert access to compromised environments. Join the discussion | AlienVault OTX General | 03/31/2026, 16:14:28 UTC Added: 03/31/2026, 18:53:15 UTC |
PureRAT: Attacker Now Using AI to Build Toolset 0 A Vietnamese threat actor is employing AI to develop code for an ongoing phishing campaign delivering PureRAT malware and other payloads. The attacks begin with phishing emails disguised as job opportunities, potentially targeting work computers. The attacker's use of AI is evidenced by detailed comments and numbered steps in scripts, as well as instructions in debug messages. The attack chain involves malicious archives, sideloaded DLLs, and batch scripts likely authored using AI. The attacker appears to be continually refining their methods and may be selling access to compromised organizations. This case demonstrates how AI can lower the barrier to entry for less skilled attackers, helping them write code and build attack toolkits. Join the discussion | AlienVault OTX General | 01/28/2026, 17:20:03 UTC Added: 01/28/2026, 18:50:56 UTC |
Showing 1 to 3 of 3 results