RAT polyglot campaign

RAT polyglot campaign

a year ago
Anonymous $_PGtSJbg8h

https://www.bleepingcomputer.com/news/security/rat-malware-campaign-tries-to-evade-detection-using-polyglot-files/

Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from security tools.

The campaign was spotted by Deep Instinct, which reports that the threat actors achieve moderate success in evading detection by anti-virus engines. This is notable considering how old and well-documented the two particular RATs are.

RAT polyglot campaign

Jan 12, 2023, 11:35pm UTC
https://www.bleepingcomputer.com/news/security/rat-malware-campaign-tries-to-evade-detection-using-polyglot-files/ > Operators of the StrRAT and Ratty remote access trojans (RAT) are running a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection from security tools. > The campaign was spotted by Deep Instinct, which reports that the threat actors achieve moderate success in evading detection by anti-virus engines. This is notable considering how old and well-documented the two particular RATs are.