Threat Actors Use MSBuild to Deliver RATs Filelessly

A campaign was discovered, in which threat actors used Microsoft Build Engine (MSBuild) to filelessly deliver Remcos remote access tool (RAT) and password-stealing malware commonly known as RedLine Stealer. The threat actors began infiltrating Remcos RAT, Quasar RAT, and RedLine Stealer payloads onto their victims’ computers last month. Once they are installed, they can be… Continue reading Threat Actors Use MSBuild to Deliver RATs Filelessly