Aurora: A Rising Stealer Flying Under The Radar
Aurora is a multipurpose botnet with data collection, information stealer, downloading, and remote access Trojan (RAT) capabilities.
This botnet was sold as a Malware-as-a-Service (MaaS) by a threat actor going by the handle Cheshire.
It is advertised as an info-stealer, and Sekoia identified several traffer teams that have announced that they have added it to their malware toolset.
Aurora is written in Golang and targets browsers, cryptocurrency wallets, local systems and can even act as a loader.
The collected data is of particular interest to cyber criminals, allowing them to carry out lucrative follow-up campaigns.
It is widely distributed using multiple infection chains, including phishing websites masquerading as legitimate ones.
Featured Resources
blog
Proactive Security in Action: What Real-World Gaps Reveal About Cyber Resilience
Today’s threat actors move fast, and reactive security is no longer enough. Most breaches have a common root cause: a
E-book
10 Cybersecurity Exposures You Can’t Afford to Ignore
Lessons from Real-World Exposure Validation Think your defenses are airtight?Even well-funded, mature security programs can leave dangerous gaps. This eBook
blog
Kubernetes Security Best Practices: Insights from Real-World Attack Simulations
Securing Kubernetes in production environments is more than a checkbox exercise. It’s a continuous battle against sophisticated attack vectors. Research