Cyfirma

Python-based RAT Abuses Discord API to Execute Data Theft Attacks

The Python-based Discord Remote Access Trojan (RAT) leverages Discord’s API as a C2 server to execute arbitrary system commands, steal sensitive information, capture screenshots, and manipulate both local machines and Discord servers.

Flesh Stealer Snoops on Web Browsers and Cryptocurrency Wallets

Flesh Stealer has been actively promoted on Discord, Telegram channels, and underground forums like Pyrex Guru. Employing Base64 obfuscation techniques to conceal its functions and strings, the stealer first emerged in August 2024.

NonEuclid RAT Combines Advanced Stealth, Anti-Detection, and Ransomware Capabilities

Developed in C# for the .NET Framework 4.8, NonEuclid is built to evade detection and offers a suite of advanced capabilities, including ransomware encryption, privilege escalation, and anti-detection mechanisms.

New FireScam Information Stealer Comes with Spyware Capabilities

FireScam monitors device activities such as screen state changes, e-commerce transactions, clipboard activity, and user engagement to gather valuable information covertly.

New Node.js-based Wish Stealer Targets Discord, Browsers, and Cryptocurrency Wallets

CYFIRMA recently discovered a new malware called “Wish Stealer” that targets Windows users by stealing sensitive information from various sources like Discord, web browsers, cryptocurrency wallets, and social media accounts.

Android Malware SpyNote Disguised as Fake Antivirus in New Campaign

Disguised as legitimate antivirus software, SpyNote exploits Android app permissions to gain extensive control, intercept credentials, and steal data from applications, including cryptocurrency wallets.

Pakistan-based Threat Actor Targets Indians with Fake Loan Android Application

These actors create fake loan apps, obtain personal details through a KYC process, and then extort money by threatening to distribute manipulated photos. The apps exploit minimal permissions to avoid detection.
December 20, 2023

Decrypting the Sidewinder Cyber Intrusion Tactics

The Sidewinder group, a sophisticated APT group originating from South Asia, is behind a highly targeted cyber threat campaign involving a malicious Word document with an embedded macro, potentially targeting Nepalese government officials.

WISE REMOTE Stealer Unleashed: Unveiling Its Multifaceted Malicious Arsenal

The WISE REMOTE Stealer is an advanced information stealer and Remote Access Trojan (RAT) that is coded in the Go programming language and utilizes code manipulation techniques to evade antivirus detection, making it difficult to detect and mitigate.
