remote surveillance

AppWizard
October 24, 2025
A new Python-based remote-access trojan (RAT) has been discovered, targeting gamers by impersonating the legitimate “Nursultan Client” application used by Eastern European Minecraft players. It uses the Telegram Bot API for command-and-control, allowing attackers to exfiltrate sensitive data and control systems on Windows, Linux, and macOS. The malware employs deceptive installation screens and manipulates the Windows registry to appear as legitimate software, but its persistence mechanism is flawed and fails to survive system reboots. It contains hardcoded credentials that tie control to a specific attacker, and it can perform system reconnaissance, data theft, and remote surveillance, with a particular focus on stealing Discord authentication tokens. The RAT can capture screenshots and activate webcams, sending the captured data through the Telegram API, which complicates detection because the traffic blends in with legitimate Telegram use. It also has adware-like features that display URLs and images on victims' systems. Researchers believe this malware is part of a Malware-as-a-Service ecosystem; Netskope’s Advanced Threat Protection detects it under the signature QD:Trojan.GenericKDQ.F8A018F2A0.
AppWizard
September 9, 2025
Delta Force will introduce a new recon operator, Landon 'Raptor' Harrison, in the upcoming season War Ablaze on September 23. Raptor specializes in deploying scout drones and using EMP grenades to disrupt enemy gadgets. His signature gadget, the Silver Wing, is a controllable drone that can mark enemies within a 90-meter radius and function as a tactical aerial bomb. Raptor's Trace Tracker trait allows him to observe recent enemy footprints, while his Trace Detection trait alerts him when a tracked enemy aims their weapon at him. Raptor is expected to enhance gameplay dynamics and may surpass existing operators Hackclaw and Luna.
Tech Optimizer
September 5, 2025
A new cyber threat actor, TAG-150, has emerged since March 2025, utilizing a sophisticated multi-tiered infrastructure and custom malware, including CastleLoader, CastleBot, and CastleRAT. TAG-150's infrastructure consists of four tiers, including command-and-control servers and intermediary layers to obscure operations. The CastleRAT trojan, available in Python and C variants, features advanced capabilities such as stealth evasion, system information collection, and remote surveillance functions. TAG-150 employs phishing techniques and fraudulent domains to compromise victims, achieving a 28.7% infection rate among those who interact with their schemes. The group utilizes privacy-focused services and frequently relocates its infrastructure to evade detection. Experts recommend proactive measures to counteract TAG-150's activities, including blocking identified infrastructure and monitoring for data exfiltration. Indicators of compromise include specific IP addresses associated with CastleLoader.