Summary: Researchers have uncovered a sophisticated remote access trojan named ResolverRAT, primarily targeting the healthcare and pharmaceutical sectors through phishing attacks. The malware utilizes fear-based language in localized emails to induce urgency and uses advanced techniques to evade detection. The campaign’s attributes indicate potential connections to previous phishing campaigns, highlighting a complex and evolving threat landscape.
Affected: Healthcare and Pharmaceutical sectors
Keypoints :
- ResolverRAT is disseminated via phishing emails using localized languages to maximize infection rates.
- The malware employs a DLL side-loading technique to execute a multi-stage, stealthy installation process with various persistence methods.
- ResolverRAT features an advanced command-and-control infrastructure with secure communications and evasion techniques, enabling persistent access while minimizing detection.
Source: https://thehackernews.com/2025/04/resolverrat-campaign-targets-healthcare.html