Remote access Trojans (RATs) have been used for many years to allow attackers to gain access to and take control of user’s systems. Usually RATs are delivered when a user opens an email attachment or downloads a file from a website or peer-to-peer network. This involves direct delivery of the payload which makes detection easier. Researchers at security company SentinelOne have uncovered a more sophisticated delivery technique that ensures that the payload file remains in memory through its execution, never touching the disk in a de-encrypted state. This lets the attack stay hidden from conventional antivirus technologies. Samples analyzed also… [Continue Reading]
Continue reading...
Continue reading...