#remcos-rat

[ follow ]
#multi-stage-malware #powershell-fragment-loader #msbuild-lolbin #uac-0184 #viber-based-malware #hijack-loader
Information security
fromThe Hacker News
2 months ago

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

SHADOW#REACTOR uses obfuscated VBS, PowerShell fragment fetching, .NET Reactor reflective loading, and MSBuild LOLBin to deploy Remcos RAT for covert persistent access.
Information security
fromThe Hacker News
2 months ago

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

UAC-0184 uses Viber to distribute malicious ZIPs containing LNK files that deploy Hijack Loader and enable Remcos RAT intrusions against Ukrainian military and government targets.
Marketing tech
fromThe Hacker News
10 months ago

Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

A new malware campaign utilizes PowerShell to deploy Remcos RAT via malicious ZIP files and LNK shortcuts.
[ Load more ]