Russian Hackers Deploy Starland Malware via Trojanized WebEx and Zoom Apps

Photo: bleepstatic.com
Quick answer
Russian hacker group UAT-11795 spreads Starland RAT malware through trojanized WebEx and Zoom apps to steal credentials and cryptocurrency.
A Russian cybercrime group, identified as UAT-11795, has developed a new attack method targeting users of popular video conferencing services. The hackers distribute the Starland RAT malware through trojanized versions of Cisco WebEx and Zoom apps. These malicious programs masquerade as legitimate updates or installers, allowing them to bypass standard security measures.
The primary goal of the attack is to gain access to victims' credentials and cryptocurrency wallets. Starland RAT functions as a backdoor, providing hackers with remote control over infected systems. Cybersecurity experts note that the attacks are highly targeted, focusing primarily on corporate users and individuals handling cryptocurrency.
To reduce infection risks, experts recommend downloading software exclusively from official developer websites. It is also crucial to use modern antivirus solutions with up-to-date signature databases and verify the digital signatures of installation files before execution. Special attention should be paid to unexpected update prompts or offers to download software from unverified sources.
Common questions
- What is Starland RAT?
- Starland RAT is a new backdoor used by cybercriminals to steal credentials and cryptocurrency assets. It is deployed via trojanized versions of popular applications.
- How to protect against trojanized apps?
- Download software only from official developer websites, use antivirus solutions with updated databases, and verify digital signatures of installation files before execution.
- Who is behind the Starland RAT attacks?
- The attacks are attributed to the Russian hacker group UAT-11795, which operates with financial motives and specializes in data and cryptocurrency theft.
Dzen feed: /feed/dzen.xml · RSS: /feed.xml