Security News > 2023 > May > Stealthy SeroXen RAT malware increasingly used to target gamers
A stealthy remote access trojan named 'SeroXen' has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities.
AT&T reports that the malware is sold under the guise of a legitimate remote access tool for Windows 11 and 10 for $15/month or a single "Lifetime" license payment of $60. While marketed as a legitimate program, the Flare Systems cyber intel platform has shown that SeroXen is promoted as a remote access trojan on hacking forums.
SeroXen is based on various open-source projects, including Quasar RAT, the r77 rootkit, and the NirCmd command line tool.
"The SeroXen developer has found a formidable combination of free resources to develop a hard to detect in static and dynamic analysis RAT," comments AT&T in the report.
Quasar RAT, which SeroXen uses as its basis, is a lightweight remote administration tool first released in 2014.
The r77 rootkit injects the SeroXen RAT into the system's memory, ensuring it remains undetected and now providing remote access to the device.
News URL
Related news
- Andariel Hackers Target South Korean Institutes with New Dora RAT Malware (source)
- New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems (source)
- China-linked APT17 Targets Italian Companies with 9002 RAT Malware (source)
- Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware (source)