A recent malware campaign has been identified that employs AsyncRAT, a remote access trojan, using Python payloads and TryCloudflare tunnels. The attack starts with a phishing email containing a Dropbox URL, leading to a ZIP archive that disguises malicious content. It utilizes a series of files, including an internet shortcut and Windows shortcut, to further the infection. The malware can download and execute various malware families, underscoring the potential danger and misuse of legitimate platforms like Dropbox and TryCloudflare by cybercriminals.
AsyncRAT is a remote access trojan (RAT) that exploits the async/await pattern for efficient, asynchronous communication, allowing attackers to control infected systems stealthily.
This AsyncRAT campaign has again shown how hackers can use legitimate infrastructures like Dropbox URLs and TryCloudflare to their advantage.
Collection
[
|
...
]