Back

Gh0st RAT and CloverPlus Adware Distributed in New Malware Campaign

Severity: High (Score: 61.5)

Sources: Gbhackers, Cybersecuritynews

Summary

A new malware campaign has been identified that combines the Gh0st Remote Access Trojan (RAT) with CloverPlus adware. This dual threat allows attackers to maintain long-term control over infected systems while generating immediate revenue through fraudulent advertising. The malware is delivered via a single obfuscated loader that conceals two encrypted payloads, one of which is identified as AdWare.Win32.CloverPlus. Victims of this campaign are primarily individual users and organizations that may be targeted for financial gain. The attack method involves executing the loader, which installs both the RAT and the adware on the victim's machine. This campaign raises significant concerns due to the potential for widespread impact and the dual nature of the threats involved. Current status indicates that the cybersecurity community is actively monitoring the situation as reports of infections emerge. Key Points: • The malware campaign bundles Gh0st RAT with CloverPlus adware for dual exploitation. • Attackers use a single obfuscated loader to deliver both threats simultaneously. • Victims face long-term control loss and immediate financial exploitation through ad fraud.

Key Entities

  • Malware (attack_type)
  • Trojan (attack_type)
  • AdWare.Win32.CloverPlus (malware)
  • CloverPlus (malware)
  • Gh0st RAT (malware)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed