The post Attackers Hijack Trusted RMM Tools to Create Invisible, Permanent Backdoors appeared first on Daily CyberSecurity. Related posts: The Fake Job Trap: Microsoft Exposes the ‘Contagious Interview’ Campaign Targeting Developers The “Special Invitation” Trap: STAC6405 Abuses Legitimate RMM Tools to Hijack Your PC BlackSuit Affiliates Continue Social Engineering Attacks with Upgraded Java RAT and Cloud Abuse

AhnLab SEcurity intelligence Center (ASEC) has recently observed an increase in attack cases exploiting Remote Monitoring and Management (RMM) tools. Whereas attackers previously exploited remote control tools during the process of seizing control after initial penetration, they now increasingly leverage RMM tools even during the initial distribution phase across diverse attack scenarios. This article covers […]

AhnLab SEcurity intelligence Center (ASEC) recently discovered cases of attacks using RMM tools such as Syncro, SuperOps, NinjaOne, and ScreenConnect. Threat actors distributed a PDF file that prompted users to download and run the RMM tool from a disguised distribution page such as Google Drive. The certificate used to sign the malware shows that the […]