Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection

Regardless of how the virus is delivered, the goal is to trick victims into opening emails containing weaponized documents that direct them, through malicious URLs, to the ObliqueRAT virus payload (version 6.3.5 as of November 2020), which ultimately exports sensitive data from their system.

Cybercriminals are now deploying remote access Trojans (RATs) under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly.

New research released by Cisco Talos reveals a new malware campaign, targeting organizations in South Asia, that utilizes malicious Microsoft Office documents forged with macros to spread a RAT that goes by the name of ObliqueRAT.

Source: Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection