iThome Online

Amatera Stealer與NetSupport RAT透過網釣接觸受害者,透過系統呼叫逃過偵測機制

資安業者eSentire揭露竊資軟體Amatera Stealer最新一波攻擊活動,駭客在搜括完受害電腦應用程式及加密貨幣錢包的帳密資料後,還會確認是否存在進一步攻擊的價值,再植入NetSupport RAT執行後續活動 ...
iThome Online

假借瀏覽器更新、提供軟體或服務的名義為幌子,駭客GrayAlpha意圖散布NetSupport RAT

針對駭客散布NetSupport RAT的管道,大致可分成3種,包含使用偽造的瀏覽器更新網頁、冒牌7-Zip下載網站,以及使用名為TAG-124的多層次惡意流量導向系統(TDS),過程中使用自製的惡意程式載入工具,其中一種是以PowerShell打造而成的PowerNet,另一種是與FakeBat相當類似的MaskBat。
Infosecurity-magazine.com

Fake Docusign Pages Deliver Multi-Stage NetSupport RAT Malware

A new malware campaign using fake DocuSign verification pages to deploy the NetSupport Remote Access Trojan (RAT) has been uncovered. According to DomainTools, the campaign tricks users into infecting ...
CSOonline

New phishing campaign targets US organizations with NetSupport RAT

Hundreds of US employees have been targeted in a new email attack that uses accounting lures to distribute malicious documents that deploy a malicious remote access tool known as NetSupport RAT. The ...
Infosecurity-magazine.com

Threat Actors Spread RAT Via Pokemon NFT Card Site

Security experts have warned of a new phishing campaign which uses the popularity of Pokemon and NFT to lure users into unwittingly downloading a remote access tool (RAT). The spoofed Pokemon card ...