Remcos RAT
-
Konni uses compromised KakaoTalk desktops to spread EndRAT via spear-phishing
Konni used spear-phishing to install EndRAT and other RATs then abused compromised KakaoTalk desktops to send malicious ZIP attachments to selected contacts maintaining long-term persistence and stealing internal documents.
-
New SHADOW#REACTOR campaign uses text only stagers and MSBuild to deploy Remcos RAT
A technical report from Securonix details SHADOW#REACTOR, a campaign that stages text only fragments and in memory loaders to deliver the Remcos RAT and achieve persistent access, using MSBuild and other legitimate Windows binaries.
-
Cybersecurity Experts Uncover New PowerShell Attack Leveraging Remcos RAT
Qualys Threat Research Unit reveals a new cyberattack method leveraging PowerShell to deploy Remcos RAT on systems, allowing hackers to operate undetected and carry out unauthorized surveillance and data theft.
