Venom RAT | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT , which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. "AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a sprawling network of forks and variants," ESET researcher Nikola Knežević said in a report shared with The Hacker News. "While its capabilities are not that impressive on their own, it is the open-source nature of AsyncRAT that has truly amplified its impact. Its plug-in-based architecture and ease of modification have sparked the proliferation of many forks, pushing the boundaries even further" While AsyncRAT's evolution highlights its technical adaptability, its real-world impact stems from how it's deployed in opportunistic phishing campaigns and bundled with loaders like GuLoader or SmokeLoader. These delivery metho...

The LodaRAT malware has resurfaced with new variants that are being deployed in conjunction with other sophisticated malware, such as RedLine Stealer and Neshta. "The ease of access to its source code makes LodaRAT an attractive tool for any threat actor who is interested in its capabilities," Cisco Talos researcher Chris Neal  said  in a write-up published Thursday. Aside from being dropped alongside other malware families, LodaRAT has also been observed being delivered through a previously unknown variant of another commodity trojan called  Venom RAT , which has been codenamed S500. An AutoIT-based malware, LodaRAT (aka  Nymeria ) is attributed to a group called Kasablanca and is capable of harvesting sensitive information from compromised machines. In February 2021, an  Android version  of the malware sprang forth as a way for the threat actors to expand their attack surface. Then in September 2022, Zscaler ThreatLabz uncovered a new delivery mecha...