"New Gh0st RAT Campaign Targets Users"
1. Gh0st RAT is being delivered via the Gh0stGambit dropper, posing as Google Chrome on a fake website.
2. The malicious installer includes a legitimate Chrome setup and a harmful MSI file that installs Gh0stGambit.
3. The trojan, active since 2008, features extensive capabilities including keylogging, remote command execution, and data exfiltration.
4. The targeting of Chinese-speaking users suggests a focus on data theft and evasion from defense mechanisms.
5. The rise in drive-by downloads underscores the need for enhanced security awareness and training.
#Gh0stRAT #Gh0stGambit #CyberSecurity #DriveByDownload #Malware #ChineseCyberEspionage #Trojan #DataTheft #SecurityAwareness #InfoSec #CyberThreats #eSentire #Phishing #maliciousinstaller
1. Gh0st RAT is being delivered via the Gh0stGambit dropper, posing as Google Chrome on a fake website.
2. The malicious installer includes a legitimate Chrome setup and a harmful MSI file that installs Gh0stGambit.
3. The trojan, active since 2008, features extensive capabilities including keylogging, remote command execution, and data exfiltration.
4. The targeting of Chinese-speaking users suggests a focus on data theft and evasion from defense mechanisms.
5. The rise in drive-by downloads underscores the need for enhanced security awareness and training.
#Gh0stRAT #Gh0stGambit #CyberSecurity #DriveByDownload #Malware #ChineseCyberEspionage #Trojan #DataTheft #SecurityAwareness #InfoSec #CyberThreats #eSentire #Phishing #maliciousinstaller