Russian organizations are targeted by a phishing campaign distributing the PureRAT malware, which facilitates covert control and data theft. The attack has significantly increased in frequency, with attackers using sophisticated payload delivery methods involving archive files and malware modules. #PureRAT #PhishingAttacks
Keypoints
- The phishing campaign mainly targets Russian businesses with malicious email attachments or links.
- The malware uses a complex chain involving RAR archives, executable files, and scripts to infect systems.
- PureRAT establishes secure connections with command-and-control servers to transmit system information and receive commands.
- Modules within PureRAT can perform actions such as keylogging, remote control, clipboard hijacking, and system manipulation.
- The campaign also employs a downloader called PureCrypter to deliver additional payloads like the PureLogs data stealer.
Read More: https://thehackernews.com/2025/05/purerat-malware-spikes-4x-in-2025.html