SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT.

Kaspersky said the activity is part of a “massive, multi-domain, multi-language” campaign that distributes malicious installer archives hosted on spoofed websites.

These installers masquerade as popular software like OBS Studio, DNS Jumper, DS4Windows, and Bandicam, among others.

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication Read on The Hacker News Source: The Hacker News

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories

ThreatsDay Bulletin: Smart TV Proxyware, 24-Year curl Bug, AI Crime Forums + 13 More Stories It’s dumb out there again. This week has the usual smell of prod on fire

Apertus – Open Foundation Model for Sovereign AI

Apertus – Open Foundation Model for Sovereign AI Source: Hacker News