On September 01, 2022, a threat actor named ailo published malware that appears to be a cracked version of the ICARUS banking Trojan on a prominent English-language hacking Dark Web forum. According to the post, the malware provides rootkit HVNC functionality, can start RDP from a hidden desktop, and can extract information from various applications, including Web browsers, cryptocurrency wallets, instant messenger clients and email clients.
A forum user said the malware is a rip-off of HiddenzHVNC v4.0.0. However, the case is still under investigation.
Full Newsletter:
September 01 2022 - CTI Report - ICARUS