Date: 2025-07-23

Threat Intelligence, Malware

Dismantling of Russian hacking group’s domain network detailed


Russian malware-as-a-service operation NyashTeam had over 110 domains disrupted by Russian cybersecurity firm F6 in a takedown effort conducted alongside the Coordination Center for TLD RU, reports The Record, a news site by cybersecurity firm Recorded Future.

Since at least 2022, the hacking group has peddled the DCRat trojan, which enables data theft, keystroke logging, password compromise, and command execution, as well as the more sophisticated WebRat malware, which allows browser credential and cookie exfiltration and webcam infiltration. F6 researchers have also sought additional actions to remove the Telegram channel with the WebRat source code and instructional videos. Aside from selling trojans, NyashTeam was also reported to have provided other threat actors with low-cost and user-friendly guides, hosting solutions, and custom plugins, as well as pre-configured malware and command-and-control servers. Attacks using malware obtained from NyashTeam often involved cracked software distributed via GitHub or YouTube, researchers added.
