ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

Starland RAT delivered via trojanized WebEx and Zoom apps by UAT-11795

Source headline: Russian hackers trojanize WebEx, Zoom apps to push Starland malware

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 3 hours ago

Intelligence Summary

A financially motivated Russian threat actor tracked as UAT-11795 is distributing trojanized WebEx and Zoom applications. The tampered software is used to steal credentials and cryptocurrency. The campaign deploys a backdoor called Starland RAT to maintain access and exfiltrate data. Victims may be exposed if they download or install the compromised apps. Users should verify software sources and avoid installing non-official or modified versions of collaboration tools.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#credential-theft #remote-access-trojan #cryptocurrency-theft #starland-rat #trojanized-apps
Original reporting BleepingComputer Russian hackers trojanize WebEx, Zoom apps to push Starland malware
Open original source