XWorm RAT Campaign Utilizes Phishing and CVE-2018-0802 Exploit

XWorm RAT Campaign Utilizes Phishing and CVE-2018-0802 Exploit

First seen 13 Feb 2026, 12:09 UTC GbhackersCybersecuritynewsCyberpress 83% similarity 48.7

Article Content

Browse articles
ThreatCluster

A new phishing campaign has been detected distributing an updated variant of the XWorm Remote Access Trojan (RAT), which exploits CVE-2018-0802 to evade detection. This campaign targets Microsoft Windows systems and is actively traded in Telegram marketplaces, affecting numerous users since its first tracking in 2022.

ThreatCluster AI

Timeline

2018-02-13
CVE-2018-0802 published
2022-01-01
XWorm first tracked
2026-02-13
New XWorm RAT campaign reported

Community

Browse all →