Hackers Turn ConnectWise ScreenConnect into a Comedy of Errors with AsyncRAT Payloads!
Hackers are making a mockery of cybersecurity by using ConnectWise ScreenConnect to deploy AsyncRAT. This mischievous campaign cleverly disguises itself as a “Skype Updater” while pilfering sensitive data. Beware of trojanized ScreenConnect installers masquerading as business documents sent via phishing emails—these cyber tricksters are not playing around!
Hot Take:
Who needs Hollywood thrillers when you have cybercriminals turning legitimate software into villainous tools? In the latest episode of “Hackers Gone Wild,” ConnectWise ScreenConnect gets a makeover as a cyber baddie, delivering AsyncRAT like a pizza – hot and fresh, straight to your system. Move over James Bond, there’s a new villain in town, and it’s armed with PowerShell scripts!
Key Points:
- ConnectWise ScreenConnect, a legitimate RMM tool, is being exploited to deliver AsyncRAT.
- The attack involves a VBScript and PowerShell loader to download malicious components.
- Phishing emails disguise trojanized ScreenConnect installers as business documents.
- AsyncRAT payload boasts features like keystroke logging and cryptocurrency wallet scanning.
- Fileless malware operates in memory, making it a tough nut for cybersecurity defenses to crack.
Already a member? Log in here