Threat actors have leveraged web hard drives disguised as adult-themed games to facilitate the distribution of the Remcos RAT surveillance tool across South Korea, The Hacker News reports.
Attacks involved the delivery of malicious files purporting to be adult games, which when launched triggered Visual Basic scripts that facilitated the eventual retrieval of Remcos RAT, which enables sensitive data exfiltration through unauthorized device control and surveillance, a report from the AhnLab Security Emergency Response Center revealed.
Such findings come months after Remcos RAT was reported by Cyfirma to have evolved in its utilization since its introduction as a legitimate remote administration tool in 2016.
"The malware's multifunctional capabilities, including keylogging, audio recording, screenshot capture, and more, highlight its potential to compromise user privacy, exfiltrate sensitive data, and manipulate systems. The RAT's ability to disable User Account Control (UAC) and establish persistence further amplifies its potential impact," said Cyfirma in its report.
