"'BattleRoyal' Hackers Deliver DarkGate RAT Using Every Trick"
An unidentified threat actor conducted various social engineering campaigns against American and Canadian organizations in different industries to infect them with the multifaceted DarkGate malware. Proofpoint researchers could not determine whether the perpetrator dubbed "BattleRoyal" is a completely new actor or related to existing ones, partly because of the number of tactics, techniques, and procedures (TTPs) used. BattleRoyal uses phishing emails, fake browser updates, traffic distribution systems (TDSs), malicious VBScript, steganography, and a Windows Defender vulnerability to deliver DarkGate and, more recently, NetSupport remote control software. This article continues to discuss findings regarding the BattleRoyal's TTPs.
Dark Reading reports "'BattleRoyal' Hackers Deliver DarkGate RAT Using Every Trick"
Submitted by grigby1