"New Stealthy Python RAT Malware Targets Windows in Attacks"

A new Python-based malware with Remote Access Trojan (RAT) capabilities has been discovered in the wild, giving its operators control over compromised systems. The new RAT, dubbed "PY#RATION" by researchers at Securonix, leverages the WebSocket protocol to communicate with the command-and-control (C2) server and exfiltrate data from the target system. Since August 2022, when the PY#RATION campaign began, the researchers have observed various variants of the RAT, indicating its active development. The PY#RATION malware is spread via a phishing campaign involving password-protected ZIP attachments containing two shortcut .LNK files appearing as images. This article continues to discuss findings and observations regarding the PY#RATION RAT. 

Bleeping Computer reports "New Stealthy Python RAT Malware Targets Windows in Attacks"