SECURITYTHE HACKER NEWS
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
Unknown threat actors are using the ScreenConnect remote access tool to deploy AsyncRAT via spoofed websites. Kaspersky reports a 'massive, multi-domain, multi-language' campaign distributing malicious installers disguised as popular software like OBS Studio and Bandicam.
Mentioned
Related Signal
Adjacent reporting
- Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads
- Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2
- DPRK Fake Job Scams Self-Propagate in 'Contagious Interview'
- WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool
- EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
- Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines