AsyncRAT Malware Campaign Exploits Legitimate Services
/ 1 min read
🔗 AsyncRAT malware campaign exploits legitimate services for cyberattacks. A new malware campaign has been identified that delivers the remote access trojan (RAT) AsyncRAT through phishing emails containing Dropbox URLs and TryCloudflare tunnels. The attack begins with a ZIP file that includes a Windows shortcut (LNK) file, which triggers a PowerShell command to execute JavaScript, ultimately downloading a Python payload that can deploy multiple malware families. Researchers highlight the increasing use of legitimate infrastructures to facilitate these attacks, as well as a rise in phishing campaigns leveraging compromised accounts to harvest credentials. This trend underscores the evolving tactics of cybercriminals in exploiting trust within interconnected systems.
