#remcos-rat

[ follow ]
#multi-stage-malware #powershell-fragment-loader #msbuild-lolbin #uac-0184 #viber-based-malware #hijack-loader
Information security
fromThe Hacker News
19 hours ago

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

SHADOW#REACTOR uses obfuscated VBS, PowerShell fragment fetching, .NET Reactor reflective loading, and MSBuild LOLBin to deploy Remcos RAT for covert persistent access.
Information security
fromThe Hacker News
1 week ago

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

UAC-0184 uses Viber to distribute malicious ZIPs containing LNK files that deploy Hijack Loader and enable Remcos RAT intrusions against Ukrainian military and government targets.
Marketing tech
fromThe Hacker News
7 months ago

Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks

A new malware campaign utilizes PowerShell to deploy Remcos RAT via malicious ZIP files and LNK shortcuts.
[ Load more ]