HotRat: The Risks of Illegal Software Downloads and Hidden AutoHotkey Script Within | allinfosecnews.com

July 19, 2023, 1:46 p.m. | Martin a Milánek

Avast Threat Labs decoded.avast.io

Despite risks to their own data and devices, some users continue to be lured into downloading illegal versions of popular paid-for software, disregarding the potentially more severe repercussions than legitimate alternatives. We have analyzed how cybercriminals deploy HotRat, a remote access trojan (RAT), through an AutoHotkey script attached to cracked software. This malware variant facilitates a range of malicious actions, including the theft of credentials, capturing screenshots, and installing additional malware.

The post HotRat: The Risks of Illegal Software Downloads …

access alternatives asyncrat autohotkey continue cybercriminals data deploy devices downloads hidden illegal own paid pc popular rat remote access remote access trojan risks script software trojan

More from decoded.avast.io / Avast Threat Labs

Avast Q1/2024 Threat Report 2 weeks, 5 days ago | decoded.avast.io

apt avast blocked campaign +19

GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining 1 month, 1 week ago | decoded.avast.io

antivirus antivirus updates avast backdoor +18

From BYOVD to a 0-day: Unveiling Advanced Exploits in Cyber Recruiting Scams 1 month, 2 weeks ago | decoded.avast.io

advanced apt attack attacker +23

Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day 3 months ago | decoded.avast.io

admin analysis back beyond +17

Decrypted: HomuWitch Ransomware 3 months, 1 week ago | decoded.avast.io

avast companies current decryptor +10

Decrypted: Rhysida Ransomware 3 months, 2 weeks ago | decoded.avast.io

avast companies decryptor decryptors +19

Avast Q4/2023 Threat Report 3 months, 3 weeks ago | decoded.avast.io

api attacks avast blocked +14

Avast Updates Babuk Ransomware Decryptor in Cooperation with Cisco Talos and Dutch Police 4 months, 3 weeks ago | decoded.avast.io

avast babuk babuk ransomware called +19

Opening a new front against DNS-based threats 5 months, 2 weeks ago | decoded.avast.io

attacks avast decentralized dns +11

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com