Research into Delivery of AsyncRAT and Infostealer Plugins via Phishing Emails

eSentire, a leading global Managed Detection and Response (MDR) provider, has expanded its partnership with TD SYNNEX, a leading global distributor and solutions aggregator for the IT ecosystem. eSentire offers an all-in-one, 24/7 MDR service with multi-signal threat intelligence, advanced XDR technology, and a team of elite threat hunters. The company recently discovered and responded to the Kaseya MSP breach and the more_eggs malware. In a recent threat investigation, eSentire’s Threat Response Unit (TRU) observed an infection with AsyncRAT, a Remote Access Trojan (RAT), delivered via email. The TRU team outlined the steps taken to respond to the confirmed threat and provided recommendations to prevent future attacks. In addition to facilitating remote access, the AsyncRAT infection provides an opportunity to steal information. Email remains a popular method for delivering malware, and it is essential to remain vigilant and follow best practices to prevent infection.

Disclaimer: This article is part of the automated collection of X-Force OSINT Advisories to enable faster integration of open source articles into client environments. All credits and copyrights go to the original authors.

Reference:
https://www.esentire.com/blog/exploring-asyncrat-and-infostealer-plugin-delivery-through-phishing-emails

Sample Indicators of Compromise:
