The final stage of the REF6598 intrusion set, uncovering a sophisticated Remote Access Trojan (RAT) named PHANTOMPULSE. Originally delivered through malicious Obsidian plugins, this malware relies on complex evasion tactics, a blockchain-based command and control (C2) channel, and a public User Account Control (UAC) bypass to compromise Windows systems. The binary also features strong fingerprints […]
The post New PHANTOMPULSE RAT Campaign Uses UAC Bypass in Windows Attacks appeared first on Cyber Security News.