AsyncRAT New Variant Malware Spreading Through Pirated Software

A new variant of the AsyncRAT malware, also known as HotRat, is currently being disseminated through illicit channels via free, pirated copies of widely used software and utilities, including video games, image and sound editing tools, and Microsoft Office suites.

According to Avast security researcher Martin a Milánek, the HotRat variant of AsyncRAT has been crafted to grant attackers a diverse range of capabilities. These include the ability to pilfer login credentials, hijack cryptocurrency wallets, record on-screen activities, log keystrokes, introduce additional malware into the infected system, and even access or manipulate clipboard data.

This Trojan has been lurking in the wild since at least October 2022, with its infections largely concentrated in several countries, such as Thailand, Guyana, Libya, Suriname, Mali, Pakistan, Cambodia, South Africa, and India, as noted by the Czech cybersecurity firm.

The Risks of Illicit Software: Avast Researcher Warns Against HotRat Malware

Presently, the attacks involve a sophisticated approach where cracked software sourced from torrent sites is bundled with a malicious AutoHotkey (AHK) script. This script serves as the initiator of an infection chain that cleverly disables antivirus solutions on the compromised host. The ultimate objective of this chain is to launch the HotRat payload by utilizing a Visual Basic Script loader.
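One way to hunt for the chain described above in process-creation telemetry, as an added example that is not from Avast's report or the original article. The event schema, file names and PIDs are constructed, and the check assumes the script runs under the stock AutoHotkey interpreter and the loader under `wscript.exe` or `cscript.exe`.

```python
import ntpath

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}  # Windows Script Host binaries

# Constructed process-creation events (hypothetical schema, paths and PIDs).
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 1, "image": r"C:\Windows\explorer.exe", "cmdline": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Users\u\Downloads\setup\AutoHotkey.exe",
     "cmdline": "AutoHotkey.exe install.ahk"},
    {"pid": 210, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd.exe /c start.cmd"},
    {"pid": 220, "ppid": 210, "image": r"C:\Windows\System32\wscript.exe",
     "cmdline": "wscript.exe loader.vbs"},
    # Benign script host started from the shell, no AutoHotkey ancestor.
    {"pid": 300, "ppid": 100, "image": r"C:\Windows\System32\wscript.exe",
     "cmdline": "wscript.exe logon.vbs"},
]


def is_ahk(event):
    """True if the process looks like the AutoHotkey interpreter running a script.
    Compiled AHK executables carry arbitrary names and are not covered here."""
    name = ntpath.basename(event["image"]).lower()
    return name.startswith("autohotkey") or ".ahk" in event["cmdline"].lower()


def find_ahk_to_vbs_chains(events):
    """Return ancestry chains (root first) where a script host descends from AutoHotkey."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if ntpath.basename(e["image"]).lower() not in SCRIPT_HOSTS:
            continue
        chain, seen, cur = [e], {e["pid"]}, e
        # Walk parents; stop on a missing parent or a PID loop (PID reuse in logs).
        while cur["ppid"] in by_pid and cur["ppid"] not in seen:
            cur = by_pid[cur["ppid"]]
            seen.add(cur["pid"])
            chain.append(cur)
            if is_ahk(cur):
                hits.append([ntpath.basename(c["image"]) for c in reversed(chain)])
                break
    return hits


if __name__ == "__main__":
    for chain in find_ahk_to_vbs_chains(SAMPLE_EVENTS):
        print(" -> ".join(chain))
```

Walking the full ancestry rather than only the direct parent catches loaders started through an intermediate shell, which a parent-only rule would miss.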

HotRat, aptly described as a comprehensive RAT malware, boasts an impressive arsenal of nearly 20 commands. Each command triggers the execution of a .NET module fetched from a remote server, offering the threat actors behind the campaign the flexibility to enhance its capabilities as needed.

It’s crucial to emphasize that the success of this attack heavily relies on gaining administrative privileges on the target system to achieve its malicious goals.

Furthermore, Avast security researcher Martin a Milánek emphasized the substantial risks associated with these activities. He pointed out that the allure of acquiring high-quality software for free remains an irresistible temptation for many individuals, driving them to download illegal software. Unfortunately, this trend continues to serve as an effective means for the widespread distribution of malware.
