SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT

SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT










Unknown threat actors are leveraging the ScreenConnect remote access tool as a way to deploy and execute AsyncRAT.

Kaspersky said the activity is part of a “massive, multi-domain, multi-language” campaign that distributes malicious installer archives hosted on spoofed websites.

These installers masquerade as popular software like OBS Studio, DNS Jumper, DS4Windows, and Bandicam, among others.










Go to TheHackersNews





Posted

in

by