Quasar RAT Spread by Bat Files in Stealth Malware Push

Cybersecurity analysts have uncovered a new campaign in which threat actors are using Windows batch files to deploy the Quasar RAT, a known remote access Trojan. The attack begins with a deceptive batch file that appears benign but covertly initiates the download and execution of malicious payloads, marking a notable shift in malware delivery tactics.

The infection chain includes launching a decoy Office document to distract users while hidden scripts run in the background. Researchers observed that the attackers employ obfuscation techniques and anti-analysis measures, enabling the malware to evade common security tools and sandbox environments.

The Quasar RAT variant in this campaign shows enhanced evasion capabilities, complicating efforts to detect and mitigate infections. A multi-stage execution process reconstructs malicious code dynamically, often embedded within files such as PNG images, further hindering analysis.

The campaign has affected multiple sectors, with a rise in attempts recently.

Read the official report at: https://cybersecuritynews.com/threat-actors-weaponizing-bat-files/