Names | EvilGrab RAT EvilGrab Vidgrab Wmonder BKDR_HGDER BKDR_EVILOGE BKDR_NVICM | |
Category | Malware | |
Type | Backdoor, Info stealer | |
Description | (Trend Micro) Recently, we spotted a new malware family that was being used in targeted attacks – the EvilGrab malware family. It is called EvilGrab due to its behavior of grabbing audio, video, and screenshots from affected machines. We detect EvilGrab under the following malware families: • BKDR_HGDER • BKDR_EVILOGE • BKDR_NVICM Looking into the feedback provided by the Smart Protection Network, EvilGrab is most prevalent in the Asia-Pacific region, with governments being the dominant sector targeted. These are consistent with known trends in targeted attacks. | |
Information | <https://blog.trendmicro.com/trendlabs-security-intelligence/evilgrab-malware-family-used-in-targeted-attacks-in-asia/> | |
MITRE ATT&CK | <https://attack.mitre.org/software/S0152/> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/win.evilgrab> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:evilgrab> |
Last change to this tool card: 23 April 2020
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
Nightshade Panda, APT 9, Group 27 | 2013-Sep 2016 | ||||
Stone Panda, APT 10, menuPass | 2006-Feb 2022 |
2 groups listed (2 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |