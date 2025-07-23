Russian malware-as-a-service operation NyashTeam had over 110 domains disrupted by Russian cybersecurity firm F6 in a takedown effort conducted alongside the Coordination Center for TLD RU, reports The Record, a news site by cybersecurity firm Recorded Future.
With the hacking group peddling the DCRat trojan enabling data theft, keystroke logging, password compromise, and command execution, as well as the more sophisticated WebRat malware allowing browser credential and cookie exfiltration and webcam infiltration since at least 2022, additional actions removing the Telegram channel with the WebRat source code and instructional videos have also been sought by F6 researchers. Aside from selling trojans, NyashTeam was also reported to have provided other threat actors with low-cost and user-friendly guides, hosting solutions, and custom plugins, as well as pre-configured malware and command-and-control servers. Attacks using malware obtained from NyashTeam often involved the use of cracked software distributed via GitHub or YouTube, researchers added.
