As part of a malware campaign in September 2021, a new, advanced phishing attack has been identified that delivers the AsyncRAT trojan. “Through a simple email phishing tactic with an html attachment, threat attackers are delivering AsyncRAT (a remote access trojan) designed to remotely monitor and control its infected computers through a secure, encrypted connection,” as said by Michael Dereviashkin, a security researcher at enterprise breach prevention firm Morphisec.
RATs like AsyncRAT are commonly used to establish a remote connection between a threat actor and a victim device, steal data, and perform surveillance via microphones and cameras. They come with a slew of powerful features that allow attackers to thoroughly monitor and manage the devices they’ve infiltrated. Morphisec further highlighted the campaign’s innovative methods, claiming that despite the operation lasting nearly five months, the malware was virtually undetected by major antimalware engines.