NetSupport RAT, a remote access trojan, is being targeted by threat actors in the education, government, and business services sectors. This malware is being delivered through fraudulent updates, drive-by downloads, utilization of malware loaders (such as GHOSTPULSE), and various forms of phishing campaigns.
VMware Carbon Black researchers have reported detecting at least 15 new infections related to NetSupport RAT in the last few weeks. The cybersecurity firm has also detailed how NetSupport Manager, which originally served as a legitimate remote administration tool for technical assistance and support, has been misappropriated by malicious actors for their own advantage.
If you found this article interesting