DCRat malware spread with HTML smuggling

Attacks involved the distribution of malicious Russian-language HTML files impersonating the TrueConf and VK Messenger apps. When opened, these files stealthily download a password-protected ZIP file containing a nested RarSFX archive that launches DCRat.
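
An added defender-side example (not part of the SC Media article): a static triage check for the delivery chain described above. It flags an HTML file that embeds a base64-encoded ZIP with password-protected entries alongside browser download APIs. The indicator list, function names and sample page are assumptions constructed for this example, and real lures may encode the payload differently.

```python
import base64
import io
import re
import zipfile

# Long base64 runs are where a smuggled payload is carried inside the page.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{64,}={0,2}")
# Browser APIs that turn in-page data into a file download (heuristic list).
DOWNLOAD_HINTS = ("new Blob", "createObjectURL", "msSaveOrOpenBlob", ".download")


def triage_html(html: str) -> dict:
    """Statically flag an HTML file that carries a ZIP and the code to drop it."""
    result = {
        "download_hints": [h for h in DOWNLOAD_HINTS if h in html],
        "embedded_zip": False,
        "encrypted_entries": [],
    }
    for match in B64_RUN.finditer(html):
        try:
            raw = base64.b64decode(match.group(0), validate=True)
        except ValueError:  # not valid base64 (binascii.Error is a ValueError)
            continue
        if not raw.startswith(b"PK\x03\x04"):  # ZIP local file header magic
            continue
        result["embedded_zip"] = True
        try:
            with zipfile.ZipFile(io.BytesIO(raw)) as zf:
                # Bit 0 of the general-purpose flags marks a password-protected entry.
                result["encrypted_entries"] += [
                    i.filename for i in zf.infolist() if i.flag_bits & 0x1
                ]
        except zipfile.BadZipFile:
            pass  # truncated or malformed archive: still report the embedded ZIP
    result["suspicious"] = bool(result["download_hints"]) and result["embedded_zip"]
    return result


def constructed_sample() -> str:
    """Constructed, non-functional page: harmless ZIP marked encrypted, as base64."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("placeholder.txt", "constructed sample, not malware")
    raw = bytearray(buf.getvalue())
    for sig, flag_offset in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
        raw[raw.index(sig) + flag_offset] |= 0x01  # set the encryption flag bit
    b64 = base64.b64encode(bytes(raw)).decode()
    return f'<script>var d="{b64}"; /* new Blob(...); a.download="x.zip" */</script>'
```

Entry names remain readable in a password-protected ZIP, so `encrypted_entries` can be reviewed for executable names without the password.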

Article Link: DCRat malware spread with HTML smuggling | SC Media