CyberSecurity News
SEO-Poisoned Software Sites Abuse ScreenConnect to Deploy AsyncRAT
AI summary
Unknown threat actors are using the ScreenConnect remote access tool to deploy and execute AsyncRAT. This activity is part of a large campaign that involves distributing malicious installer archives from fake websites. The malicious installers are disguised as popular software, including OBS Studio, DNS Jumper, and Bandicam. The campaign is described as massive and spans multiple domains and languages. The malicious archives are hosted on spoofed websites that mimic legitimate software sites.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.

