June 21, 2024 at 06:15AM A malvertising campaign is using fake websites to distribute backdoor malware disguised as popular software like Google Chrome and Microsoft Teams. The malware, called Oyster, can gather information, communicate with a command-and-control address, and execute remote code. This coincides with the emergence of a new phishing platform called ONNX Store. … Read more
May 11, 2024 at 03:45AM FIN7, a financially motivated threat actor, has used malicious Google ads to imitate reputable brands, such as AnyDesk and Google Meet, to spread the NetSupport RAT. The group has evolved from targeting point-of-sale systems to launching ransomware campaigns and has expanded its malware arsenal. This activity has prompted Microsoft to … Read more
March 19, 2024 at 02:15AM A new phishing campaign dubbed Operation PhantomBlu is using a sophisticated technique to deploy NetSupport RAT, targeting U.S. organizations with salary-themed phishing emails and exploiting Microsoft Office document templates. Additionally, threat actors are increasingly abusing public cloud services and data-hosting platforms to generate undetectable phishing URLs, sold on underground platforms. … Read more
November 20, 2023 at 11:01AM Threat actors are using a remote access trojan called NetSupport RAT to target the education, government, and business services sectors. The trojan is delivered through fraudulent updates, drive-by downloads, malware loaders, and phishing campaigns. The cybersecurity firm VMware Carbon Black has detected 15 new infections related to NetSupport RAT in … Read more