Cybersecurity researchers have uncovered a sophisticated JScript-to-PowerShell loader delivering XWorm RAT and Rhadamanthys Stealer through a geofenced, multi-stage execution chain. The attack leverages obfuscation, geolocation checks, and fileless techniques to evade detection. Attack Chain Breakdown Stage 1: JScript Loader Activation The campaign begins with a malicious JScript file, often distributed via fake CAPTCHA “ClickFix” attacks or scheduled tasks. It […]

The post Jailbreaking Malicious JScript Loader Reveals Xworm Payload Execution Chain appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/jailbreaking-malicious-jscript-loader/