Details of the discovery
Cybersecurity firm Zscaler has published a report on the discovery of a new malware dubbed InnfiRAT written in .NET.
How does the attack happen?
Prior to executing the RAT’s main payload, it first checks if the file is executing with the name ‘NvidiaDriver.exe’ from the %AppData% directory.
“Because RATs are usually downloaded as a result of a user opening an email attachment or downloading an application that has been infected, the first line of defense is often the users who must, as always, refrain from downloading programs or opening attachments that aren't from a trusted source,” say Zscaler researchers.
They have also published the Indicators of Compromise (IOCs) that you can monitor to safeguard your systems.