The SocGholish campaign is suspected to be linked to the Russian threat actor known as “Evil Corp”. The threat actors are known to drop HTML code into outdated or vulnerable websites. When a user visits the compromised website, the code generates a pop-up within the browser attempting to trick the user into believing their browser …

The post NetSupport Remote Access Trojan (RAT) delivered through fake browser updates by SocGholish threat actors appeared first on OpenText Blogs.