WarzoneRAT makes a comeback with LNK & HTA files

March 30, 2024



TLDR:

– WarzoneRAT malware makes a comeback despite FBI seizure

– Recent campaign uses tax-themed spam emails to spread malware

The notorious WarzoneRAT malware has made a comeback, despite the FBI’s recent efforts to dismantle its operations. Initially detected in 2018, WarzoneRAT was disrupted by the FBI in mid-February, when the agency seized the malware’s infrastructure and arrested two individuals linked to the cybercrime scheme. However, ThreatMon’s recent advertisement for WarzoneRAT v3, with its enhanced features, indicates that the threat actors are far from giving up. Cybersecurity experts at Cyble Research & Intelligence Labs (CRIL) have uncovered a new campaign that uses tax-themed spam emails to spread the WarzoneRAT (Avemaria) malware, a Remote Administration Tool (RAT) known for its remote control capabilities and its ability to execute malicious actions under the command of a remote server.

