New ThirdEye infostealer, SeroXen RAT examined

Windows systems have been targeted by the novel ThirdEye information-stealing malware, which can exfiltrate system metadata, while the new SeroXen remote access trojan has also emerged, The Hacker News reports. ThirdEye can gather the BIOS release date and vendor information, running processes, C drive details, usernames, and volume information. Because most stealer artifacts were uploaded from Russia, Russian organizations may have been the key targets, a Fortinet FortiGuard Labs report showed. "While this malware is not considered sophisticated, it's designed to steal various information from compromised machines that can be used as stepping-stones for future attacks," said Fortinet researchers.

Meanwhile, a separate report from Trend Micro noted that the ScrubCrypt batch file obfuscation engine, also known as BatCloak, has been used to distribute the SeroXen RAT in attacks against the gaming community. "The addition of SeroXen and BatCloak to the malware arsenal of malicious actors highlights the evolution of FUD obfuscators with a low barrier to entry. The almost-amateur approach of using social media for aggressive promotion, considering how it can be easily traced, makes these developers seem like novices by advanced threat actors' standards," said Trend Micro.
