HomeCyber BalkansXeno RAT Targeting Users Through GitHub Repositories and.gg Websites

Xeno RAT Targeting Users Through GitHub Repositories and.gg Websites

Published on

spot_img

The utilization of Remote Access Trojans (RATs) by threat actors is widespread due to the benefits they offer, such as persistent access to compromised systems, allowing for long-term espionage and exploitation.

In a recent development, North Korean hackers and other malicious actors targeting the gaming community have been found to be using a free malware tool called XenoRAT. Researchers from Hunt’s team identified its proliferation through .gg domains and a GitHub repository masquerading as Roblox scripting tools.

According to the ASEC division of AhnLab, there is evidence of a North Korea-linked group employing Dropbox as a means to distribute XenoRAT. Additionally, an investigator discovered the malware in an open directory believed to be controlled by the Kimsuky threat group.

XenoRAT boasts advanced features on its GitHub page, including HVNC, audio spying, and SOCKS5 reverse proxy capabilities. The communication between the malware and its command-and-control center is facilitated through TCP sockets, following a recognizable pattern that can aid in the identification of malicious activities.

The distribution of XenoRAT through .gg domains popular within the esports community emphasizes the evolving tactics employed by threat actors to target gamers. Intrusion Detection System (IDS) rules for the detection of such activities are available on the ET website, highlighting the need for proactive cybersecurity measures.

Moreover, the discovery of harmful executable files, such as XenoRAT and Quasar, in a GitHub repository indicates the widespread nature of malware distribution through seemingly innocuous platforms. The association of a YouTube channel called “P-Denny Gaming” with the malware, offering misguided instructions to turn off Windows Defender before installation, further underscores the malicious intent behind such activities.

The use of social engineering tactics to lure unsuspecting gamers into downloading harmful software poses a significant risk to personal data, gaming assets, and financial information. Therefore, vigilance and skepticism while browsing and downloading software, particularly from open-source platforms like GitHub, are crucial for maintaining a secure online gaming environment.

In conclusion, the emergence of XenoRAT and other malware targeting the gaming community underscores the importance of cybersecurity awareness and best practices. By staying informed about potential threats and exercising caution while engaging with unfamiliar software or websites, users can safeguard themselves against exploitation and data breaches. It is essential for gamers and developers alike to prioritize cybersecurity measures to mitigate the risks associated with malicious activities in the online gaming realm.

Source link

Latest articles

US Sanctions Target VPN Services Supporting Ransomware Gangs

U.S. Treasury Department Targets Cybercriminal Infrastructure with Sanctions In a decisive move against cybercrime, the...

Microsoft is Mandating an Enterprise Shift to Passkeys

Navigating the Security Landscape: The Role of Passkeys in Enterprise Authentication As organizations continue to...

CISA Emphasizes Importance of Router Hardening to Combat Nation-State Hackers

Endpoint Security, Network Performance Monitoring & Diagnostics, ...

Attackers Spread Password Attacks Across Fake OAuth Applications to Avoid SOC Alerts

Rise in Abuse of Spoofed OAuth Application Identifiers Targeting Microsoft Entra ID Accounts As cyber...

More like this

US Sanctions Target VPN Services Supporting Ransomware Gangs

U.S. Treasury Department Targets Cybercriminal Infrastructure with Sanctions In a decisive move against cybercrime, the...

Microsoft is Mandating an Enterprise Shift to Passkeys

Navigating the Security Landscape: The Role of Passkeys in Enterprise Authentication As organizations continue to...

CISA Emphasizes Importance of Router Hardening to Combat Nation-State Hackers

Endpoint Security, Network Performance Monitoring & Diagnostics, ...