A new, sophisticated phishing attack has been observed delivering the AsyncRAT trojan as part of a malware campaign that’s believed to have commenced in September 2021.
“Through a simple email phishing tactic with an HTML attachment, threat attackers are delivering AsyncRAT (a remote access trojan) designed to remotely monitor and control its infected computers through a secure, encrypted connection,” Michael Dereviashkin, security researcher at enterprise breach prevention firm Morphisec, said in a report.
The intrusions commence with an email message containing an HTML attachment that’s disguised as an order confirmation receipt (e.g., Receipt-<digits>.html). Opening the decoy file redirects the message recipient to a web page prompting the user to save an ISO file.
images from Hacker News