New Malware Campaign Deploys PureCrypter Loader to Distribute DarkVision RAT
October 15, 2024
Malware / Cybercrime
Cybersecurity experts have disclosed a recent malware campaign that uses the PureCrypter loader to deliver the commodity remote access trojan (RAT) known as DarkVision RAT. Observed by Zscaler ThreatLabz in July 2024, the operation delivers the RAT payload through multiple stages. According to security researcher Muhammed Irfan V A, “DarkVision RAT establishes communication with its command-and-control (C2) server using a custom network protocol via sockets.” The RAT supports a variety of commands and plugins that extend its functionality, including keylogging, remote access, password theft, audio recording, and screen capture. PureCrypter, initially disclosed in 2022, is a commercially available malware loader that enables users to distribute information stealers, RATs, and ransomware on a subscription basis. The method of initial access for deploying PureCrypter remains under investigation.