July 21, 2023THNMoreMalware/software security

New variant of AsyncRAT malware called hot rat It is distributed via free pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office.

“HotRat malware offers attackers a wide range of capabilities, including stealing login credentials, cryptocurrency wallets, screen capture, keylogging, installing additional malware, accessing and modifying clipboard data,” said Martin a Milánek, a security researcher at Avast. Said.

The Trojan has been circulating since at least October 2022, with the majority of infections concentrated in Thailand, Guyana, Libya, Suriname, Mali, Pakistan, Cambodia, South Africa and India, according to a Czech cybersecurity firm.

This attack involves bundling a malicious AutoHotkey (AHK) script with cracked software available online via torrent sites. This script initiates an infection chain designed to disable antivirus solutions on the compromised host and ultimately launch the HotRat payload using the Visual Basic script loader.

upcoming webinars

Shielding Against Insider Threats: Mastering SaaS Security Posture Management

Worried about insider threats? We’ve got you covered! Join us for this webinar to explore practical strategies and proactive security secrets using SaaS Security Posture Management.

join today

Described as a comprehensive RAT malware, HotRat comes with nearly 20 commands, each executing a .NET module retrieved from a remote server, allowing the attackers behind the campaign to extend its functionality as needed.

However, it is worth noting that this attack requires administrative privileges to achieve its goals.

“Despite the considerable risks involved, the irresistible temptation to get quality software for free continues, leading many to download illegal software,” Milanek said. “Thus, distribution of such software is still an effective way to spread malware widely.”

Did you enjoy this article? Follow us twitter and LinkedIn To read more of the exclusive content we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog