July 22, 2024 at 03:36AM
The JavaScript downloader malware SocGholish is distributing a remote access trojan called AsyncRAT and the legitimate open-source project BOINC. BOINC is being abused to connect to malicious servers and evade detection. The cybersecurity firm believes these connections pose a high risk and could potentially be used to run malicious commands or software.
Key takeaways:
– The JavaScript downloader malware SocGholish is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC.
– BOINC, a volunteer computing platform, is being misused for malicious purposes, with evidence dating back to at least June 26, 2024.
– Infected clients actively connecting to malicious BOINC servers present a high risk, potentially allowing a threat actor to execute malicious commands or software on the host and compromise an entire domain.
– Malware developers are adopting new tricks, such as compiled V8 JavaScript, to conceal remote access trojans and other malicious activities.