A threat actor tracked under the moniker Webworm has been linked to bespoke Windows-based remote access trojans, some of which are said to be in pre-deployment or testing phases. “The group has developed customized versions of three older remote access trojans (RATs), includingTrochilus RAT,Gh0st RAT, and9002 RAT,” the Symantec Threat Hunter team, part of Broadcom Software,saidin a report