News Heading

HotRat: Hackers Exploit Pirated Software to Spread This New AsyncRAT Variant

Reading time: 2 min

A new AsyncRAT malware variant named HotRat is being spread through free cracked software of popular system and development tools as well as video games. Once deployed, the malware helps the attacker steal personal and sensitive information from the victim’s machine.

‘’HotRat malware equips attackers with a wide array of capabilities, such as stealing login credentials, cryptocurrency wallets, screen capturing, keylogging, installing more malware, and gaining access to or altering clipboard data,’’ Avast researchers said.

Equipping cracked software sourced online with a malicious AutoHotkey script, the malware conceals a PowerShell script that aims to deactivate security solutions, establish system persistence, and eventually launch the malware HotRat using a Visual Basic Script (VBS) Loader.

‘’Since HotRat is run with admin privileges, it is very easy for attackers to make changes in security,’’ noted Avast. The malware has been observed to have the capability to evade or bypass most antivirus software including Avira, Windows Defender, AVG, Malwarebytes, McAfee.

HotRat, described as a comprehensive RAT malware has been designed with additional capabilities including stealthily extracting sensitive information and credentials as well as deploying other malwares. The researchers identified 20 new commands with capabilities to execute .NET payloads sent from C2 (Command and Control) servers. This functionality allows the hackers behind the campaign to execute, change or add commands as desired.

The researchers noted that the malware has been more prevalent since the middle of October 2022, with the majority of infestations occurring in South Asia, East Europe, North America, and African regions.

‘’Despite the known dangers, [..] irresistible temptation to acquire high-quality software at no cost persists, leading many people to download illegal software. [..] The spread of this malware happens through public repositories, with links being disseminated on social networks and forums,’’ noted the researchers.

It is imperative that users avoid dubious websites offering free software downloads and update system security solutions, to safeguard against malware infestations.

Did you like this article? Rate it!
I hated it I don't really like it It was ok Pretty good! Loved it!

We're thrilled you enjoyed our work!

As a valued reader, would you mind giving us a shoutout on Trustpilot? It's quick and means the world to us. Thank you for being amazing!

Rate us on Trustpilot
0 Voted by 0 users
Title
Comment
Thanks for your feedback
Loader
Please wait 5 minutes before posting another comment.
Comment sent for approval.

Leave a Comment

Loader
Loader Show more...