Russian hackers trojanize WebEx, Zoom apps to push Starland malware
Russian hackers are exploiting popular business software to distribute Starland malware.
Velocity
How fast coverage is spreading — measured hourly from article rate × source diversity. How this works →
The brief
Russian hackers are using trojanized versions of WebEx and Zoom to distribute Starland malware. The malware campaign targets firms in the US and Europe. Coverage from Intelligent CISO, Security Affairs, IT Pro, Cisco Talos Blog, and BleepingComputer highlights the use of fake installers to deploy the Starland Remote Access Trojan (RAT) and a bespoke WLDR command-and-control implant.
The campaign is financially motivated, according to Cisco Talos Blog. The coverage emphasizes the sophistication of the malware and the methods used to distribute it. Cisco Talos Blog details the technical aspects of the Starland RAT and the WLDR implant.
Security Affairs and BleepingComputer focus on the trojanization of WebEx and Zoom, while IT Pro and Intelligent CISO report on the broader implications for business security. Watch for updates on the extent of the malware's spread and any responses from WebEx and Zoom. Coverage does not yet specify the number of affected firms or the potential impact on users.
Synthesized by Archynetys from the headlines below under a strict no-invention contract. ✓ fact-checked: all claims supported by sources Updated just now.
Quick answers
What is Starland malware?
Starland is a Remote Access Trojan (RAT) used in a financially motivated campaign to target firms in the US and Europe.
Which software is being exploited?
The malware campaign is using trojanized versions of WebEx and Zoom.
Who is behind this campaign?
According to coverage from Security Affairs and BleepingComputer, Russian hackers are responsible for this campaign.
Coverage (5)
- Researchers warn of malware campaign using trojanised business software Intelligent CISO · 1d ago
- New Russian Campaign Uses Fake Webex and Zoom Installers to Deploy Starland RAT Security Affairs · 1d ago
- Cisco sounds alarm over new Russian malware campaign hitting firms in US and Europe IT Pro · 1d ago
- UAT-11795 deploys novel Starland RAT and bespoke WLDR C2 implant in financially motivated campaign Cisco Talos Blog · 1d ago
- Russian hackers trojanize WebEx, Zoom apps to push Starland malware BleepingComputer · 1d ago
Topics
Related trends
New ClickLock macOS Stealer Kills Apps Every 210ms Until Victims Type Their Password
A new macOS malware forces users to reveal their passwords by disabling apps every 210 milliseconds.
GTA 6 Leaker Freed From Secure Hospital, But New Trial Awaits
Arion Kurtaj, the individual linked to the GTA VI leaks, has been released from a secure hospital and will now face a full criminal retrial.
GTA 6 Hacker Found Competent for Retrial After Indefinite Sentence to Secure Hospital
The individual responsible for the GTA 6 leak has been released from a secure hospital and is now awaiting retrial.
1Password now lets Claude sign in to websites without seeing your passwords
1Password and Anthropic have partnered to allow Claude to securely log into websites on a user's behalf without the AI seeing the actual passwords.
Zoom warns of critical account takeover vulnerability
Zoom users are on alert after a critical vulnerability was disclosed, allowing account takeovers.
CrashStealer Malware Impersonates Apple Tool to Steal Mac Passwords and Crypto
A new malware targets Mac users by mimicking an Apple tool to steal sensitive information.