Venom Spider, a malware-as-a-service (MaaS) threat actor, has expanded its capabilities with a new backdoor and loader. Researchers discovered that two recent attacks over the past two months have used these new tools. The backdoor is known as RevC2 and it uses WebSockets to steal information, proxy network traffic, and allow remote code execution. The loader is called Venom Loader, and it encodes payloads with the victim’s computer name. Venom Spider is a threat actor in the MaaS business which supplies tools for cybercriminals. 

Read more: https://www.darkreading.com/cyberattacks-data-breaches/venom-spider-malware-maas-platform