Security News > 2023 > May > Stealthy SeroXen RAT malware increasingly used to target gamers

Stealthy SeroXen RAT malware increasingly used to target gamers
2023-05-31 16:56

A stealthy remote access trojan named 'SeroXen' has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities.

AT&T reports that the malware is sold under the guise of a legitimate remote access tool for Windows 11 and 10 for $15/month or a single "Lifetime" license payment of $60. While marketed as a legitimate program, the Flare Systems cyber intel platform has shown that SeroXen is promoted as a remote access trojan on hacking forums.

SeroXen is based on various open-source projects, including Quasar RAT, the r77 rootkit, and the NirCmd command line tool.

"The SeroXen developer has found a formidable combination of free resources to develop a hard to detect in static and dynamic analysis RAT," comments AT&T in the report.

Quasar RAT, which SeroXen uses as its basis, is a lightweight remote administration tool first released in 2014.

The r77 rootkit injects the SeroXen RAT into the system's memory, ensuring it remains undetected and now providing remote access to the device.


News URL

https://www.bleepingcomputer.com/news/security/stealthy-seroxen-rat-malware-increasingly-used-to-target-gamers/