HomeWinBuzzer NewsMicrosoft Security Intelligence Warns of Major New RAT Phishing Attack

Microsoft Security Intelligence Warns of Major New RAT Phishing Attack

Microsoft Security Intelligence says a new phishing attack is using remote access Trojans (RATs) to steal data and access systems.


suffers more cyberattacks than most because of the popularity of services like Office, Azure, and . Office especially is a target for phishing attacks. As such, the company maintains a robust division. Called Microsoft Security Intelligence, the division is a leader in combatting digital .

In its latest discovery, Microsoft Security Intelligence has described a new phishing campaign targeting the aerospace and travel industries. Both those markets are reeling from the impact of COVID-19 and threat actors are preying on vulnerabilities.

According to Microsoft's security team, attackers are using emails loaded with malicious content to expose users to remote access Trojans (RATs).

This method deviates almost nothing from the classic phishing method. In other words, the attacker is using an email that looks like it comes from a legitimate sender to trick victims into interacting with a link or attachment that is malicious. Specifically for this campaign, the phishers are using a PDF file that deploys a RAT into a system the instant the file link is clicked.

AsyncRAT and RevengeRAT are the two trojans being used for this attack. Once deployed, the RATs can steal browser data, user credentials, take screenshots, access webcams, and take network data.

As always, the best advice for avoiding a phishing attack is to simply not interact with attachments on emails from unknown sources. Still, considering attacks often mimic legitimate companies, knowing what's real or not can be tough.

Microsoft has added advanced hunting queries to GitHub to give customers tools to know if an attack has happened to them.

Recent Attack

Earlier this month, we reported on a phishing attack against Microsoft Office 365 users. Lab reports on a new phishing attack against Microsoft's Office 365. Specifically, attackers are targeting Office users through Google Docs.

This phishing attack starts with a letter with a message that is vague from an unknown sender. While this should be enough to deter anyone, the letter entices victims by talking about a deposit and having “Deposit Advice”.

Tip of the day:

Whether you're planning an upgrade, tuning CPU timings, or just curious, it's handy to know information about your RAM. In our tutorial, we show you how to check RAM speed, type, and size using several built-in Windows 10 tools.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News