Stealthy SeroXen RAT malware increasingly used to target gamers

[MuzzMelbourne]

Content source

https://www.bleepingcomputer.com/news/security/stealthy-seroxen-rat-malware-increasingly-used-to-target-gamers/

A stealthy remote access trojan (RAT) named 'SeroXen' has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities.

AT&T reports that the malware is sold under the guise of a legitimate remote access tool for Windows 11 and 10 for $15/month or a single "lifetime" license payment of $60

Stealthy SeroXen RAT malware increasingly used to target gamers

A stealthy remote access trojan (RAT) named 'SeroXen' has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities.

www.bleepingcomputer.com

 

[Andy Ful]

Stealthy SeroXen RAT malware increasingly used to target gamers

A stealthy remote access trojan (RAT) named 'SeroXen' has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities.

www.bleepingcomputer.com

The Bleepingcomputer article uses the term "batch file" (embedded in ZIP archive) as an initial attack vector. For example:

The batch file extracts two binaries from base64 encoded text and loads them into memory using .NET reflection.

More precisely, the batch file runs PowerShell, which can encode and load the malware into memory (using .NET reflection). The role of PowerShell is most important in the infection chain.