Monday, January 25, 19:24

New malware trojan: Pyvil RAT from the Evilnum team

PyVil RAT is a new malware trojan discovered by researchers, and the team that seems to be spreading it is Evilnum.

The new trojan has been detected in a campaign targeting financial technology organizations to steal email addresses, passwords and other sensitive corporate information.

Known as Evilnum, the APT team first appeared in 2018, and one of the reasons for its success is how often it changes tools and tactics as it targets Fintech-related companies located primarily in Europe and the United Kingdom, although some victims are also in America and Australia.

Evilnum malware trojan

Evilnum activity varies, with reports of the use of different components written in JavaScript and C#. This time, however, the group has developed another new attack tool: a malware trojan written in Python that has appeared in recent weeks in a new series of targeted attacks.

The malware trojan, discovered by Cybereason researchers and named PyVil RAT, allows intruders to steal corporate information using keylogging and to take screenshots. It can also collect information about the infected system, including the current version of Windows, which antivirus products are installed and whether USB devices are connected.

Evilnum's previous attacks had started with highly targeted phishing emails, and the PyVil delivery campaign is similar, though instead of delivering ZIP files as before, the emails contain an LNK file disguised as a PDF.

Phishing emails claim to contain bank-related identification documents, credit card documents or even driver's license photos.
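A mail-gateway style check for the delivery trick described above (a Windows shortcut presented as a PDF), added here as an illustrative example and not taken from the Cybereason research or the original article. The function names, extension list and sample attachments are assumptions constructed for the demonstration; the LNK header bytes follow the published MS-SHLLINK format.

```python
import struct

# Shell Link header (MS-SHLLINK): HeaderSize 0x0000004C followed by the
# LinkCLSID 00021401-0000-0000-C000-000000000046 in on-disk byte order.
LNK_MAGIC = struct.pack("<I", 0x4C) + bytes.fromhex("0114020000000000c000000000000046")
PDF_MAGIC = b"%PDF-"
# Document/image extensions a lure is likely to imitate (assumed list).
DOC_EXTS = {"pdf", "jpg", "jpeg", "png", "doc", "docx"}


def sniff_type(data: bytes) -> str:
    """Classify content by leading magic bytes, ignoring the file name."""
    if data.startswith(LNK_MAGIC):
        return "lnk"
    if data.startswith(PDF_MAGIC):
        return "pdf"
    return "unknown"


def check_attachment(filename: str, data: bytes) -> list[str]:
    """Return findings for an attachment whose name and content disagree."""
    findings = []
    name = filename.lower().strip()
    parts = name.rsplit(".", 2)
    actual = sniff_type(data)
    if actual == "lnk":
        findings.append("content is a Windows shortcut (LNK)")
    # Explorer hides the .lnk extension, so "id.pdf.lnk" is displayed as "id.pdf".
    if len(parts) == 3 and parts[2] == "lnk" and parts[1] in DOC_EXTS:
        findings.append(f"double extension: .{parts[1]}.lnk")
    if name.endswith(".pdf") and actual != "pdf":
        findings.append("named .pdf but content is not a PDF")
    return findings


# Constructed sample attachments (not real campaign files).
SAMPLE_LNK = LNK_MAGIC + b"\x00" * 56      # 76-byte header stub
SAMPLE_PDF = b"%PDF-1.7\n%constructed sample\n"

if __name__ == "__main__":
    for fname, blob in [("drivers_license.pdf.lnk", SAMPLE_LNK),
                        ("statement.pdf", SAMPLE_PDF),
                        ("credit_card.pdf", SAMPLE_LNK)]:
        print(fname, "->", check_attachment(fname, blob) or "clean")
```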

While it remains unclear who the cybercriminals behind Evilnum are, the highly targeted nature of the attacks combined with the way they constantly change their tactics leads researchers to believe that they are a group of real professionals.

The Evilnum team is believed likely to remain active for a long time, and it is only a matter of time before it changes its tools and techniques again.



Teo Ehc