New variant of AsyncRAT malware called hot rat It is distributed via free pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office.
“HotRat malware provides attackers with a wide range of capabilities, including stealing login credentials, cryptocurrency wallets, screen capture, keylogging, installing additional malware, accessing and modifying clipboard data,” Avast said. Security researcher Martin a Milánek of
The Trojan has been circulating since at least October 2022, with the majority of infections concentrated in Thailand, Guyana, Libya, Suriname, Mali, Pakistan, Cambodia, South Africa and India, according to a Czech cybersecurity firm. It is said that there is
This attack involves bundling a malicious AutoHotkey (AHK) script with cracked software available online via torrent sites. This script initiates an infection chain designed to disable antivirus solutions on the compromised host and ultimately launch his HotRat payload using the Visual Basic script loader.
Shielding Against Insider Threats: Mastering SaaS Security Posture Management
Worried about insider threats? We’ve got you covered! Join us for this webinar to explore practical strategies and proactive security secrets using SaaS Security Posture Management.
join today
Described as a comprehensive RAT malware, HotRat comes with nearly 20 commands, each of which executes a .NET module retrieved from a remote server, allowing the attackers behind the campaign to Allows you to extend its functionality.
However, it is worth noting that this attack requires administrative privileges to achieve its goals.
“The irresistible temptation to get quality software for free, despite the considerable risks involved, persists, leading many to download illegal software,” Milanek said. “Thus, distribution of such software is still an effective way to spread malware widely.”
