Threat Actors Use ParallaxRAT For Targeting Cryptocurrency Entities
Threat actors are targeting organization in the cryptocurrency sector with spam and phishing campaigns that leads to a Parallax RAT malware infection.
Upon the execution of Payload1 its contents are decrypted and Payload2 (Paralax RAT) is created.
The Parallax RAT is then injected into pipanel.exe via process hollowing.
The malware has the capability to steal information such as computer name victim keystrokes OS Details and reading the clipboard etc.
Once successfully compromised the malware establishes communication with the threat actor who makes use of MS notepad to interact with the victim and instructs them to connect with the threat actors via an established Telegram Channel.
Featured Resources
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe