
New LabubaRAT Masquerades as NVIDIA Software to Execute Commands and Proxy Malicious Traffic
Blackpoint’s Adversary Pursuit Group has identified a new Rust-based remote access trojan, dubbed LabubaRAT, masquerading as NVIDIA software. The malware, delivered as nvidia-sysruntime.exe, uses NVIDIA-themed file metadata and runtime names to appear legitimate while giving operators broad control over infected Windows systems. The unsigned 646464-bit Windows executable claims to be related to “NVIDIA Container Runtime […]
The post New LabubaRAT Masquerades as NVIDIA Software to Execute Commands and Proxy Malicious Traffic appeared first on Cyber Security News.