Tag: NetSupport RAT
-
The “ClickFix” Trap: GrayCharlie Syndicate Hijacks U.S. Law Firm Sites in Sophisticated Supply-Chain Strike
Experts from the Insikt Group division have promulgated the inaugural comprehensive dossier regarding GrayCharlie, a threat syndicate that, since mid-2023, has been compromising WordPress repositories to disseminate deleterious payloads via fraudulent browser updates and the sophisticated ClickFix stratagem. According to the research, the adversaries recently breached several prominent American law firms, an escalation that potentially…
-
Fileless Evasion: Multi-Stage Campaign Deploys NetSupport RAT via Obfuscated HTA
Researchers at Securonix have uncovered a multi-layered malware campaign designed to surreptitiously deploy the NetSupport RAT remote access tool. The attack unfolds through a series of carefully obfuscated stages, each engineered for maximum stealth and minimal forensic footprint on the compromised system. The initial delivery begins with a JavaScript file embedded in compromised websites. This…
-
Bloody Wolf Hackers Impersonate Government Agencies to Deploy NetSupport RAT in Central Asia
The “Bloody Wolf” group is expanding its targeted campaign across Central Asia, deploying NetSupport RAT and impersonating government agencies. According to Group-IB specialists, the attacks that began in Kyrgyzstan in the summer of 2025 spread to Uzbekistan by autumn, affecting financial institutions, state bodies, and IT companies. Group-IB analysts Amirbek Kurbanov and Volen Kayo attribute…
-
Rapid7 Uncovers Social Engineering Campaign Linked to Black Basta Ransomware
Researchers have identified an actively evolving social engineering campaign aimed at gaining initial access to corporate IT systems for further exploitation. The perpetrators bombard enterprises with spam emails to capture the attention of employees. According to Rapid7, hackers inundate victims with useless emails and then call them, posing as IT specialists offering assistance to resolve…
-
Beware PhantomBlu: Phishing Campaign Targets US Businesses
The Israeli cybersecurity firm Perception Point has unveiled details of a new phishing campaign targeting American organizations. The operation, code-named PhantomBlu, aims to infiltrate systems with the NetSupport RAT, a malicious version of the legitimate remote desktop tool NetSupport Manager. This Trojan allows attackers to harvest confidential information from compromised devices. The hallmark of this…