PatchWork gang dropped a variant of the BADNEWS Trojan

Threat Level – Amber | Vulnerability Report
Download PDF

Patchwork deployed a variant of the BADNEWS (Ragnatela) Remote Administration Trojan that employed malicious RTF files in its most recent campaign. The group’s project name and control panel are named “Ragnatela,” which means “spider web” in Italian. The RAT is capable of executing commands through cmd, taking screenshots, logging keystrokes, collecting a list of folders on the victim’s PC, and downloading additional payloads

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox