Quasar RAT, an open-source remote access trojan, is leveraging DLL side-loading to infiltrate Windows hosts and steal data. The attack begins with an ISO image file, which contains malicious code that is hidden through DLL side-loading. A ‘FileDownloader.exe’ file is injected into the Windows Assembly Registration Tool, which triggers the trojan to establish connections with a remote server and send system information. The likely dissemination method is phishing emails.
Decrypting Linux/ESXi Akira Ransomware Files Without Paying Ransomware
A cybersecurity researcher has decrypted the Linux/ESXI variant of Akira ransomware, allowing data recovery without ransom. The method exploits a flaw in the malware’s encryption
