Cybersecurity researchers have identified the JS#SMUGGLER campaign, which uses compromised websites to deploy the NetSupport RAT via a sophisticated multi-stage web-based attack. The campaign features layered script execution, device-aware targeting, and stealth techniques to evade detection. #NetSupportRAT #JS#SMUGGLER
Keypoints
- The attack involves obfuscated JavaScript, HTA files, and PowerShell payloads for malware delivery.
- NetSupport RAT provides complete remote control, including file operations, data theft, and proxy functions.
- The campaign targets enterprise users through compromised websites with tailored infection methods for mobile and desktop devices.
- Stealth techniques include disabling visible windows, in-memory execution, and removing forensic traces.
- Defenders are advised to implement CSP enforcement, script monitoring, and behavioral analytics to detect this multi-stage threat.
Read More: https://thehackernews.com/2025/12/experts-confirm-jssmuggler-uses.html