Generating Download Link
-Advertisements-
Based on the technical profile of (also known as NukeBot), which is a banking Trojan and remote access tool (RAT) that includes a powerful Hidden VNC (HVNC) capability,
We are observing continued activity surrounding TinyNuke (NukeBot) variants, specifically those packaged as HVNC - Tinynuke.rar . While TinyNuke originally gained notoriety as a banking Trojan, its Hidden Virtual Network Computing (HVNC) module remains a top-tier threat for persistent, stealthy remote access.
The HVNC shellcode is typically injected into existing processes (like explorer.exe or browser processes) to maintain a low profile. HVNC - Tinynuke.rar
Run browsers, manage files, and execute commands on a secondary desktop that the primary user cannot see.
Configure Endpoint Detection and Response (EDR) tools to flag unauthorized process injection and the use of "Hidden Desktop" API calls (e.g., CreateDesktop ). Based on the technical profile of (also known
HVNC allows attackers to create a second, invisible desktop on a victim’s machine, enabling them to bypass security controls and interact with the system without the user's knowledge.
For detailed analysis and source code samples, researchers can refer to the HVNC for C# (TinyNuke) repository on GitHub. Attackers Abusing Various Remote Control Tools - AhnLab Run browsers, manage files, and execute commands on
Unlike traditional remote desktop tools (like TeamViewer or AnyDesk), TinyNuke’s HVNC creates a hidden desktop session . This allows an operator to:
